I am kind of confused and I tried to look online but could not find any answer who fit my need. I am facing an issue with PHP / MYSQL

I have a list of users and each users is currently active.

I would like to create a MYSQL UPDATE (active = 0) to the users who their membership has expired.

The user is automaticaly set up to 1 when they create their account and have their membership for 1 year. if the date pass. This user will be automaticaly to the Active row (0) instead of (1) and the account will automaticaly desactivated.

I want to do it with a loop because we have hundred of members who has not been connected for a while and their account wont be desactivated unless they sign-in.

I know I miss something (a foreach or a for ) but no idea how to represent it.

Someone can give me a hand ?

Thank you so much.

<?php include("config.php");


$date1 = date("d/m/Y"); // currently date of today
$bouclerequete = "SELECT * FROM users";  // connect all the users in once.
$resultboucle = $link->query($bouclerequete);


while($rowtable = mysqli_fetch_array($resultboucle, MYSQLI_ASSOC)){   // while fetch array with all the users


 $date2 = $rowtable["datefincontrat"]; // end of the contract

 if ($date1 > $date2){  // if the date of today is lower than the date of their membership. we don't do anything




 }
 else{  // Otherwise , the membership will return to 0 and the account will be desactivated. 

   $ids2 = $rowtable["id"];
   $sql5 = "UPDATE users SET Active='0' WHERE id=$ids2";

   if ($link->query($sql5) === TRUE) {

   } else {
     echo "Error updating record: " . $conn->error;
   }



 }

}


?>

CodePudding user response：

Keep it simple and make this in one command.

UPDATE users SET Active='0' WHERE datefincontrat < CURDATE();

Still, your code is vulnerable to sql injection, so please read up on prepared statements with parameters. See: How can I prevent SQL injection in PHP?