PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Something that has been puzzling me and I wonder if anybody can let me know what’s happening.
In my MySQL database I have the values in a specific field set to ‘null’ so that if an entry is made without a value sent to the database is will automatically set this to ‘null’. However when I run the following code my database shows a ‘blank’ field when I view this under phpMyAdmin when I expect to see ‘Null’ in italics. The field in phpMyAdmin looks empty when I click to view it and I cannot see any white space that might have been added by the query below.
Can anyone point out what’s invisible being sent to the database?
an empty string will override the null you have setup. So if you just click submit without putting anything into the field, it will still save just the empty string to the database, not a "null" for the field.
On a side note, you really really really need to look into using the function mysql_real_escape_string() on all variables that you put into a query. Look into SQL Injection for reasons why.
<?php
class test
{
private $_var;
public function show()
{
return $this->_var;
}
public function __set($var, $value)
{
$this->$var = $value;
}
}
$test = new test();
var_dump($a = $test->show()); //should show null
$test->_var = '';
var_dump($a = $test->show()); //should show string
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
On a side note, you really really really need to look into using the function mysql_real_escape_string() on all variables that you put into a query. Look into SQL Injection for reasons why.
Yes, your code is not secure and vulnerable for sql injection attack, should considered filter it.
Also, if you know the input text is empty, maybe just don't execute the insert sql at all.