stackoom
  简体   繁体   中英

PHP How to insert NULL in Database?

 原文  2015-02-06 16:05:04       php/ html/ mysql

Question

I have a normal HTML-File that give a string via. POST to my PHP-file wich will put this to a MySQL-database.

How do I achieve that I can write a "real" NULL in the database and not " " (a empty string) or something like that?

The MySQL column is nullable.

My form: 

<form method="post" action="putInDatabase.php">

    <label>Text</label>
    <textarea name="text" ></textarea>

    <label>Picture URL (optional)</label>
    <input name="image" />
    <br>

    <input id="submit" name="submit" type="submit" value="submit">

</form>

My PHP-File: 

<?php

  $text = "";
  $image = null;

  if (isset($_POST["submit"]))
  {
    $text = $_POST["text"];

    $image = $_POST["image"];
  }

  $text = strtr ($text, array ('"' => '\"'));


  $con = mysql_connect("censored :)");

  if (!$con)
  {
    die('ERROR' . mysql_error());
  }
  mysql_select_db("_DATABASE_HERE_", $con);


  $insertSQL = "INSERT INTO `_DATABASE_HERE_`.`_NAME_HERE_` (`Text`, `PictureURL`) VALUES ('$text', '$image ');";  

  $res = mysql_query($insertSQL); 
  $res = mysql_query($sql);

  mysql_close($con);

  echo "Success!";

?>

2 answers

solution1
 2 ACCPTED  2015-02-06 16:09:03

You'd need to pre-process your text. And since you're vulnerable to sql injection attacks this should be considered MANDATORY: 

if (isset($_POST['text']) && !empty($_POST['text'])) {
   $safetext = "'" . mysql_real_escape_string($_POST['text']) . "'";
} else {
   $safetext = 'null';
}

$sql = "INSERT ... VALUES ($safetext, ...)";

Note how the quotes are added inside the if() . If there's some text to be done, the sql-escaped text is surrounded by quotes. if there's no text at all, then the string null is added in. This boils down to the difference between null and 'null' .

null is an sql null, "unknown value". 'null' is a string with the literal characters n , u , l , and l in it. In SQL terms, they're two completely different things.

The above code would produce 

INSERT ... VALUES (null, ...)
INSERT ... VALUES ('Miles O\'Brien', ...)

solution2
 0  2015-02-06 16:19:42

Try this: 

$variable_name = "NULL";

Now, while inserting into the database, use $variable_name.

That should do it.

EDIT: You need to either use prepare statements, if you are gonna switch to PDOs in future or escape the user input.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Not able to insert Null into database from PHP php - mysql database insert null vs 0 how to insert null in postgres with php How to insert datepicker into the database in php How to insert to database using php? How to insert text to a database in php php - How to insert picture in database? How to insert php codes into database? how to insert a string in database if value is null How to insert a null value for INT in database?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM