robert_gsfame Posted April 26, 2010 Share Posted April 26, 2010 I just realise that single quotes '' and NULL will completely give me different result and now i have another problem, how can i insert NULL value into database but still using mysql_real_escape_string() ?? yet if i have '' and Null , and i use if(empty()) will all records with both NULL and '' still can be retrieved thanks in advance Link to comment https://forums.phpfreaks.com/topic/199794-mysql_real_escape_string-problem/ Share on other sites More sharing options...
de.monkeyz Posted April 26, 2010 Share Posted April 26, 2010 If you want to provide the null keyword, you can check if the data entered is blank, and define it as NULL if it is. Like so: $data = empty($data) ? 'NULL', "'".mysql_real_escape_string($data)."'"; //The '' around the data are already included in this. When the data is empty it will give NULL $query = "INSERT INTO `table` SET `field` = $data"; //We already added the single quotes in the above line. Link to comment https://forums.phpfreaks.com/topic/199794-mysql_real_escape_string-problem/#findComment-1048665 Share on other sites More sharing options...
robert_gsfame Posted April 26, 2010 Author Share Posted April 26, 2010 NULL still has to be put between quotes?? Link to comment https://forums.phpfreaks.com/topic/199794-mysql_real_escape_string-problem/#findComment-1048669 Share on other sites More sharing options...
de.monkeyz Posted April 26, 2010 Share Posted April 26, 2010 NULL isn't put in quotes. If you check my code, it only puts quotes around values which get put though mysql_real_escape_string. Example: $data is My Title $data becomes 'My Title' $data is $data becomes NULL Link to comment https://forums.phpfreaks.com/topic/199794-mysql_real_escape_string-problem/#findComment-1048674 Share on other sites More sharing options...
robert_gsfame Posted April 26, 2010 Author Share Posted April 26, 2010 $test="NULL" Is this still correct??? mysql_query(sprintf("INSERT INTO table1(column1)VALUES('%s')", mysql_real_escape_string($test))); Link to comment https://forums.phpfreaks.com/topic/199794-mysql_real_escape_string-problem/#findComment-1048680 Share on other sites More sharing options...
de.monkeyz Posted April 26, 2010 Share Posted April 26, 2010 No it is not. You're surrounding the value in quotes in your query. Here INSERT INTO table1 (column1) VALUES( 'NULL' ) //What your code does - incorrect INSERT INTO table1 (column1) VALUES(NULL) //What it should do Link to comment https://forums.phpfreaks.com/topic/199794-mysql_real_escape_string-problem/#findComment-1048682 Share on other sites More sharing options...
robert_gsfame Posted April 26, 2010 Author Share Posted April 26, 2010 oops confused..... :confused: Link to comment https://forums.phpfreaks.com/topic/199794-mysql_real_escape_string-problem/#findComment-1048684 Share on other sites More sharing options...
robert_gsfame Posted April 26, 2010 Author Share Posted April 26, 2010 so if i write like what u did, then i cannot use sprintf() Link to comment https://forums.phpfreaks.com/topic/199794-mysql_real_escape_string-problem/#findComment-1048687 Share on other sites More sharing options...
de.monkeyz Posted April 26, 2010 Share Posted April 26, 2010 NULL is a keyword in mysql. Like SELECT is, or like function is in php. If you wrap it in quotes like your code did, it will just read it as the string NULL. My code that I posted will take a variable called $data and either make it into a string including the quotes for the query, or NULL, WITHOUT quotes. I can even turn it into a function function nullify($data) { return empty($data) ? 'NULL', "'".mysql_real_escape_string($data)."'"; //The '' around the data are already included in this. When the data is empty it will give NULL } //Then I can use it your query: $test = '' //Set it to an empty string if you want NULL mysql_query(sprintf("INSERT INTO table1(column1)VALUES(%s)", nullify($test))); Link to comment https://forums.phpfreaks.com/topic/199794-mysql_real_escape_string-problem/#findComment-1048690 Share on other sites More sharing options...
robert_gsfame Posted April 26, 2010 Author Share Posted April 26, 2010 Yess!!! i got it now!! thank you so much for your help!! Link to comment https://forums.phpfreaks.com/topic/199794-mysql_real_escape_string-problem/#findComment-1048691 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.