I am trying to use an if statement to show a picture if the sql data is met here is the code. Problem is the photo always shows regardless if the criteria is met or not.


?>
<?php
$expired_img = "<img src=http://www.daymarems.com/images/expired.png>";
$sql2 = "SELECT expirationcalc FROM employeecertifications ";
$state = "ohio";

if ( strtotime( $sql2 ) < strtotime( '7 days' ) ) {
echo $expired_img;
} // If less than 7 days

?>

The link is here http://www.daymarems.com/dashboard

Please login first
Not that it would be helpful anyway; you can't debug PHP by looking at the output page.

Your if statement is working just fine. If you're not getting the result you expect, it's probably because:


You're not querying the database.
You wrote a query, but you didn't execute it. Do you have a database connection in this script?
Your query is likely to return more than one row.
I couldn't say for sure, of course, without seeing your table structure and knowing what records it holds. But if there's more than one record, there will be more than one row returned; your code is treating the result as if it expects a single value.
(As an aside, is $state relevant to this task? It does nothing here.)
Once you've addressed the above, you'll still be comparing the result resource instead of the actual value(s) returned.
This will result in the same problem you have currently: if you try to convert something that is not a valid time string into a unix timestamp, you'll get false (i.e., 0) (which is why your comparison is always true).

If you share some info about your database connection and table structure, we can work out how to get the result you want.

Here's a generic example of a MySQL query in PHP. It may need to be adjusted, but you'll need all of these parts:


<?php
mysql_connect(/*username, password, etc.*/); //must connect to the database before anything else
mysql_select_db('mydatabase'); //mysql requires selecting a database to begin

$query = 'SELECT `something` FROM `table` WHERE `condition`='.mysql_real_escape_string($value);
//write the actual query
//and include a condition as needed
//and be sure to ESCAPE any user-generated input for security reasons, and to avoid errors!!

$result = mysql_query($query); //RUN the query

//now, there are a few options:

echo mysql_num_rows($result);
//how many results did we get? if its >0, we know it exists, good for IFs

if ($row = mysql_fetch_assoc($result) { //if there's something to look at...
print_r($row); //show the output from that row, or:
echo $row['something']; //show one value
}

//for multiple results:
while ($row = mysql_fetch_assoc($result) { //go through all of the results
echo $row['something']; //show that result, among many
}

//of course, you'll only need one of those options, and there are others too...
?>

And just a note: never post your password (or username/hostname) on the forum here, for security reasons. It's the one part of your script we don't need.


Finally, you probably should actually be using mysqli, rather than mysql. It's just a difference in functions in PHP, but the mysqli functions are newer and more secure. Traq can say more on that. I've got a bad habit of still using mysql because that's how I learned it. You'll also find a lot more info (eg, tutorials) out there on mysql because it's been around longer, but since you're starting now you may want to start with the better of the two :)
Regardless, my code above will more or less apply for mysqli, with a slightly different structure.

As called for, a mysqli (http://php.net/mysqli) example:
<?php
// create a database connection
$DB = new mysqli( 'databaseHost','username','password','databaseName' );

// your query
$query = "SELECT `col` FROM `table` WHERE `col`='".$DB->real_escape_string( $value )."' ";
// you can also use prepared statements (preferable), but I'm following the basic example Daniel gave

// run the query & check that the query was successful (i.e., $result is _not_ FALSE)
if( $result = $DB->query( $query ) ){
// a few options.

// how many rows in the result?
$total_rows = $result->num_rows;

// no rows (i.e., no records matched your conditions)
if( $total_rows === 0 ){
/* move along, move along */
}

// one row
elseif( $total_rows === 1 ){

// retrieve the row
$row = $result->fetch_assoc();

// here's the value you asked for
$col_value = $row['col'];
}

// multiple rows
// (you can also do this if there was only one row; depends on your objective)
else{

// retrieve each row in a loop
while( $row = $result->fetch_assoc() ){

// add the value to an array
$col_values[] = $row['col'];

}

}

}
// IF $result evaluates to FALSE, that means there was an error with the query.
else{

// get the error message
$error = $DB->error;

/* handle the error (log it, abort whatever action depended on the results, etc.) */

}

Thanks for adding that, traq. I've been meaning to get into mysqli for a while and never had the time, especially at the moment. So I've saved your example as a text file (it's very clear, but I don't have time to memorize it at the moment) and I'll get back to it whenever I find myself with some free time, which is elusive at the moment. Not much time for coding at all.

Now, back to your question, paramedicbob! Are we leading you in the right direction? I'd suggest an introductory tutorial if you just aren't sure where to start. But if you can ask something more specific we'll try to help more.