【问题标题】:How to insert NULL into integer column in mysql if the POST is empty using php [duplicate]如果POST为空,如何使用php将NULL插入mysql中的整数列[重复]
【发布时间】:2022-01-26 00:38:27
【问题描述】:

这是原始编码。我已经尝试了很多以前在 stackoverflow 中发布的方法,但它们都不起作用。 我的父亲、母亲、丈夫和妻子的列是整数类型。

$db = mysqli_connect('x', 'xx', 'xxx', 'xxxx');

if (isset($_POST['add_member'])) {

  // receive all input values from the form
  $username = mysqli_real_escape_string($db, $_POST['username']);
  $sex = mysqli_real_escape_string($db, $_POST['sex']);
  $father = mysqli_real_escape_string($db, $_POST['father']) == "" ? null : (int)mysqli_real_escape_string($db, $_POST['father']);
  $mother = mysqli_real_escape_string($db, $_POST['mother']) == "" ? null : (int)mysqli_real_escape_string($db, $_POST['mother']);
  $husband = mysqli_real_escape_string($db, $_POST['husband']) == "" ? null : (int)mysqli_real_escape_string($db, $_POST['husband']);
  $wife = mysqli_real_escape_string($db, $_POST['wife']) == "" ? NULL : (int)mysqli_real_escape_string($db, $_POST['wife']);
  $family = mysqli_real_escape_string($db, $_POST['family']) == "" ? null : (int)mysqli_real_escape_string($db, $_POST['family']);
    
    $query = "INSERT INTO users (username, gender, father_id, mother_id, husband_id, wife_id, family_id) VALUES ('$username', '$sex', '$father', '$mother', '$husband', '$wife', '$family')";
    mysqli_query($db, $query);
    header('location: index.php');
  }
}

这里有一些我用过但还是不行的方法

 $husband =  mysqli_real_escape_string($db, $_POST['husband']);
 $husband = !empty($husband_contact) ? "'$husband'" : NULL;

另一种方法:

if (empty($_POST['husband'])){ $husband= NULL; 
}else{ $husband =  mysqli_real_escape_string($db, $_POST['husband']);}

另一种方法(我不确定,因为它没有$db,甚至可能吗?):

 if ($_POST['husband'] == '') {
 $husband = NULL;
 }else {
  $husband = "'" . mysqli_real_escape_string($_POST['husband']) . "'";
 }

还有另一种方法(与此相同,没有 $db)

$husband = !empty($_POST['husband']) ? "'".$mysqli->real_escape_string($_POST['husband'])."'" : NULL;

【问题讨论】:

  • 尝试echo $query;,应该立即清楚为什么它没有按照您的意愿行事。您正在创建一个要插入的空字符串,而不是空字符串。您应该考虑使用准备好的语句,而不是从包含变量的字符串构建查询。 php.net/manual/en/mysqli.quickstart.prepared-statements.php
  • 如果你使用准备好的statemets,你不会有这个问题,你会避免sql注入。现在,您正尝试在 int 列中插入字符串 null。您没有插入空值
  • 使用准备好的语句并绑定值。不要使用mysqli_real_escape_string

标签: php mysql null


【解决方案1】:

首先,确保您的表的列接受空值。

我不确定这是将数据插入数据库的正确且安全的方法。您应该尝试 PDO 绑定方法。

try {

  $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);

  // set the PDO error mode to exception

  $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

  $sql = "INSERT INTO users (username, sex, father, mother, husband, wife, family)

  VALUES (?,?,?,?,?,?,?)";

  $conn->bind_param($username, $sex, $father, $mother, $husband, $wife, $family);

  // use exec() because no results are returned

  $conn->exec($sql);

  echo "New record created successfully";

} catch(PDOException $e) {

  echo $sql . "<br>" . $e->getMessage();

}

$conn = null;

?>

【讨论】:

    猜你喜欢
    • 2011-08-13
    • 2015-09-16
    • 1970-01-01
    • 2019-01-21
    • 1970-01-01
    • 2013-08-06
    • 2017-02-24
    • 2023-04-05
    • 2015-07-22
    相关资源
    最近更新 更多