I'm writing a token authentication system for a little project of mine in PHP. A request is made to a script which then generates the token and stores it into a database with an expiry date of the current time +2 minutes.
There is then another script which takes the token in its request, checks it's valid and the token hasn't expired. This is where I'm getting stuck. I'm unable to succesfully compare the two dates and even though the condition should be true, it's not.
Here's how I insert the time into the database;
// Now, we want to gen the token.
$token = randomKey(20);
// Current time + 2 minutes
$time = date("m/d/Y h:i:sa", time() + 120);
// Insert the token into the DB
$obj->query("INSERT INTO `tokens`(`username`, `token`, `expiry`) VALUES ('$uid', '$token', '$time')");
Here's how I attempt to compare them;
if(strtotime($row['expiry']) < strtotime(date("m/d/Y h:i:sa")))
No matter what, even after changing the time in the db to a day in the past, this condition always evaluates to false.
aat the end is confusing me, MySQL dates are normally stored in a 24 hour format.var_dump($row['expiry']);?