You’ve got a basic flaw in your logic. This statement will never be true
$date = date("Y-m-d h:i:s");
$sql = "UPDATE `sys_attendance` SET `clock_out` = ? WHERE `emp_id` ='$emp_id' AND `c_date` ='$date'";
$date is a full date time including time, so it shouldn’t find a match. Is c_date hold just a date or is it a timestamp?
If it’s a date, then @m_hutley’s approach is still best, but you can change your query to something similar. Just make it completely parameterized, not haphazard like it is now…
elseif (isset($_POST['Check-out'])) {
$time = date("Y-m-d h:i:s");
$date = date("Y-m-d "); // note the different format here....
$emp_id = $_SESSION['user-id'];
$sql = "UPDATE `sys_attendance` SET `clock_out` = ? WHERE `emp_id` = ? AND `c_date` = ?"; // note the change here....
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt,$sql))
{
header("Location: ../admin/home.php?error=sqlerror", true);
exit();
}
else{
mysqli_stmt_bind_param($stmt,"s",$time);
mysqli_stmt_bind_param($stmt,"s",$emp_id); // added to match changed query above
mysqli_stmt_bind_param($stmt,"s",$date); // added to match changed query above
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
$_SESSION['msg-type'] = 'success';
$_SESSION['msg-descrp'] = "You\'re Successfully Checked Out";
header("Location: ../admin/home.php?result=You-Are-Checked-Out_Now&time=".$time."&date=".$date."&emp_id=".$emp_id, true);
exit();
}
}
If c_date is a timestamp, it’s going to be more difficult because you’re going to have to convert the timestamp in the database to a date. The other issue here is you’re only allowing one check-in and out per day. That’s going to hamper you later.
That is a good way to kill database performance on larger tables.
In these cases BETWEEN is a better choices, WHERE c_date BETWEEN ‘2019-11-01 00:00:00’ AND ‘2019-11-01 23:59:59’
Edit:
If the column type in MySQL is TIMESTAMP, it is not a unix timestamp. It is a normal DATETIME structure, only set to UTC timezone, and it can use the database date functionality.
