0

I have variable set to NULL that im trying to insert into a database but for some reason they keep getting submitted as '0'. Im positive that column im trying to inset into allows NULL and that the default is set to to NULL. Heres my code:

$insert = NULL;
$query = mysql_query("INSERT INTO `table1` (column1) VALUES ('$insert')") or die(mysql_error());
Improve this question
2
  • Try to put default value as NULL in database table. When you create a new record column1 will be NULL automatically. Or try to set $insert variable as null $insert = null. And the question is - why you need it as NULL? Commented Jul 9, 2012 at 15:27
  • 2
    Have you tried using a prepared statement? See [stackoverflow.com/questions/5329542/… [1]: stackoverflow.com/questions/5329542/… Commented Jul 9, 2012 at 15:28

3 Answers 3

Reset to default
5

Warning:

Please, don't use mysql_* functions for new code. They are no longer maintained and the community has begun the deprecation process. Instead you should learn about prepared statements and use either PDO or MySQLi.

IF you want it to be NULL (and you really really still want to use mysqli_*) in the database you can do the following:

$insert = NULL;
$query = mysql_query("INSERT INTO `table1` (column1) VALUES ("
                         .(($insert===NULL)?
                                 "NULL":
                                 "'".mysql_real_escape_string($insert)."'").
                     ")") or die(mysql_error());

But this could lead to nefarious SQL injection and is not recommended.

See Bobby Tables

So: all in all you should be using prepared statements.

You can use MySQLi like so:

        $dbHandle = new mysqli(...);
        $query = "INSERT INTO `table1` (column1) VALUES (?)";
        $statement = $dbHandle->prepare($query);
        if($statement){
            $statement->bind_param('s', $insert);
            if(!$statement->execute()){
                echo "Statement insert error: {$statement->error}";
            }
            $statement->close();
        }
        else {
            echo "Insert error: {$dbHandle->error}";
        }
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Im talking about the first one
@JonahKatz are you sure that it is on the mysql_* line?
are you missing a semi colon at the end of a line somewhere
-1 for not fixing the SQL injection vulnerability in the first example. A warning is no excuse for leaving insecure code...
1

Try this for static query:

$query = mysql_query("INSERT INTO `table1` (column1) VALUES (NULL)")  or die(mysql_error());

Using Variable :

$insert= NULL;
$insert = ($insert===NULL)? 'NULL' : "'$insert'";
mysql_query("INSERT INTO `table1` (column1) VALUES ($insert)") or die(mysql_error());
Improve this answer

1 Comment

That works, but i need it to be a variable because sometimes the variable isnt null
0

Try without the quotes;

$query = mysql_query("INSERT INTO `table1` (`column1`) VALUES (".$insert.")") or die(mysql_error());

The query should be;

INSERT INTO table1 (column1) VALUES (NULL);

Improve this answer

2 Comments

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '., '24')' at line 1
Well it works on my server... so you must be typing something incorrectly

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.