How can I get NULL values from my PHP code to a MySQL stored procedure?

Question

I have a table on a page that I am filling with values from a MySQL database; quite a LARGE MySQL database. I also have filters for every column of the table, so that users can filter the results. I have created a stored procedure that works as long as I am calling it from within MySQL. However when I am trying to send NULL values from my PHP code, I get errors on the MySQL side. I am getting the filter values on the PHP side like so:

$var01 = (isset($_GET['var01']) && $_GET['var01']) ? $_GET['var01'] : null;
.
.
.
$var23 = (isset($_GET['var23']) && $_GET['var23']) ? $_GET['var23'] : null;

Then I am calling my stored procedure like so:

$query = "CALL qyertWithFiltering (" . $var01 . ")"; // up to $var23

The only problem is, like I said, is getting the NULL values into the stored procedure from the PHP page. If I am within MySQL and use the following query, I get the results I expect:

call query WithFiltering(10,1234,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL);

However, when I send the following from the PHP page:

CALL queryWithFiltering (10,1234,,,,,,,,,,,,,,,,,,,,,,,)

I get the following MySQL error:

Database Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ',,,,,,,,,,,,,,,,,,,,,)' at line 1

As you can see, there are not NULL values, instead there are, I guess, empty values I am sending to the stored procedure. For reference, here is my stored procedure. Again, my stored procedure works perfectly, as expected from within MySQL, but not when being called from my PHP page.

use `my_database`;

DROP PROCEDURE IF EXISTS `queryWithFiltering`;

DELIMITER //
CREATE PROCEDURE `queryWithFiltering` (IN inLimit INT(11),IN inOffset INT(11),IN param01 VARCHAR(255),IN param02 VARCHAR(255),IN param03 DATE,IN param04 DATE,IN param05 DATE,IN param06 TINYINT(1),IN param07 INT(11),IN param08 INT(11),IN param09 INT(11),IN param10 INT(11),IN param11 DATE,IN param12 TINYINT(1),IN param13 VARCHAR(50),IN param14 VARCHAR(50),IN param15 DATE,IN param16 INT(11),IN param17 VARCHAR(50),IN param18 DECIMAL(13,2),IN param19 VARCHAR(50),IN param20 VARCHAR(50),IN param21 VARCHAR(50),IN param22 INT(11),IN param23 INT(11))
LANGUAGE SQL
DETERMINISTIC
SQL SECURITY DEFINER
COMMENT 'comment goes here ...'
BEGIN
DECLARE spLimit INT(11);
DECLARE spOffset INT(11);
DECLARE spVar01 VARCHAR(255);
DECLARE spVar02 VARCHAR(255);
DECLARE spVar03 DATE;
DECLARE spVar04 DATE;
DECLARE spVar05 DATE;
DECLARE spVar06 TINYINT(1);
DECLARE spVar07 INT(11);
DECLARE spVar08 INT(11);
DECLARE spVar09 INT(11);
DECLARE spVar10 INT(11);
DECLARE spVar11 DATE;
DECLARE spVar12 TINYINT(1);
DECLARE spVar13 VARCHAR(50);
DECLARE spVar14 VARCHAR(50);
DECLARE spVar15 DATE;
DECLARE spVar16 INT(11);
DECLARE spVar17 VARCHAR(50);
DECLARE spVar18 DECIMAL(13,2);
DECLARE spVar19 VARCHAR(50);
DECLARE spVar20 VARCHAR(50);
DECLARE spVar21 VARCHAR(50);
DECLARE spVar22 INT(11);
DECLARE spVar23 INT(11);

SET spLimit = inLimit;
SET spOffset = inOffset;
SET spVar01 = param01;
SET spVar02 = param02;
SET spVar03 = param03;
SET spVar04 = param04;
SET spVar05 = param05;
SET spVar06 = param06;
SET spVar07 = param07;
SET spVar08 = param08;
SET spVar09 = param09;
SET spVar10 = param10;
SET spVar11 = param11;
SET spVar12 = param12;
SET spVar13 = param13;
SET spVar14 = param14;
SET spVar15 = param15;
SET spVar16 = param16;
SET spVar17 = param17;
SET spVar18 = param18;
SET spVar19 = param19;
SET spVar20 = param20;
SET spVar21 = param21;
SET spVar22 = param22;
SET spVar23 = param23;

SET @primaryQuery = "select ... where ...";

IF (spVar01 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and alpha like '%", spVar01, "%'");
END IF;

IF (spVar02 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and beta like '%", spVar02, "%'");
END IF;

IF (spVar03 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and gamma like '%", spVar03, "%'");
END IF;

IF (spVar04 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and delta like  '%", spVar04, "%'");
END IF;

IF (spVar05 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and epsilon like  '%", spVar05, "%'");
END IF;

IF (spVar06 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and zeta =  '%", spVar06, "%'");
END IF;

IF (spVar07 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and eta like '%", spVar07, "%'");
END IF;

IF (spVar08 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and theta like '%", spVar08, "%'");
END IF;

IF (spVar09 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and iota like '%", spVar09, "%'");
END IF;

IF (spVar10 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and kappa like '%", spVar10, "%'");
END IF;

IF (spVar11 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and lambda like '%", spVar11, "%'");
END IF;

IF (spVar12 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and mu = '%", spVar12, "%'");
END IF;

IF (spVar13 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and nu like '%", spVar13, "%'");
END IF;

IF (spVar14 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and xi like '%", spVar14, "%'");
END IF;

IF (spVar15 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and omicron like '%", spVar15, "%'");
END IF;

IF (spVar16 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and pi like '%", spVar16, "%'");
END IF;

IF (spVar17 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and rho like '%", spVar17, "%'");
END IF;

IF (spVar18 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and sigma like '%", spVar18, "%'");
END IF;

IF (spVar19 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and tau like '%", spVar19, "%'");
END IF;

IF (spVar20 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and upsilon like '%", spVar20, "%'");
END IF;

IF (spVar21 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and phi like '%", spVar21, "%'");
END IF;

IF (spVar22 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and chi like '%", spVar22, "%'");
END IF;

IF (spVar23 IS NOT NULL) THEN
    SET @primaryQuery = CONCAT(@primaryQuery, " and psi like '%", spVar23, "%'");
END IF;

SET @primaryQuery = CONCAT(@primaryQuery, " order by ID limit ", spLimit, " offset ", spOffset);

PREPARE stmt FROM @primaryQuery;
EXECUTE stmt;

END//

Marc B · Accepted Answer · 2014-02-24 18:31:47Z

1

PHP "null" values are totally incompatible with SQL null values. A PHP null inserted into a string is just an empty string. e.g.

$null = NULL;
$strin = "foo{$null}bar"; // comes "foobar", with nothing in between foo and bar.

If you want a PHP null to be converted into an SQL null, you need to make it into the string 'NULL' instead, e.g.

$phpnull = null;
$fakenull = "NULL"; //this is just a string that happens to say "null"

$sql = "UPDATE ... WHERE phpnull=$null, fakenull=$fakenull";

and your SQL becomes:

UPDATE ... WHERE phpnull=, fakenull=NULL;
                         ^---empty string, because of PHP type conversions
                                    ^^^^^---php string, now being used as an SQL null

answered Feb 24, 2014 at 18:31

Marc B

362k44 gold badges433 silver badges508 bronze badges

Sign up to request clarification or add additional context in comments.

Collectives™ on Stack Overflow

How can I get NULL values from my PHP code to a MySQL stored procedure?

1 Answer 1

Comments

Your Answer

Hot Network Questions

Collectives™ on Stack Overflow

1 Answer 1

Comments

Your Answer

Sign up or log in

Post as a guest

Related