Topic: adding NULL to blank fields in UPDATE

[ntroycondo]

I want to make sure that NULL is entered into column (varchar) when a form field is left blank by a user.
I am using something like this:


mysql_query("UPDATE User set name = '$name',
    email = '$email', WHERE USERID = '$userid'");

[petroz]

you can set your variables to null if they are if(!isset($name)) { $name = 'NULL'; }

[Pikachu2000]

you can set your variables to null if they are if(!isset($name)) { $name = 'NULL'; }

If you want the variable to actually be a NULL value, be aware that doesn't set the variable to contain a NULL value; it sets the value to a string with the value of 'NULL'. To set it to a NULL value, you'd need to not use quotes. If you want it to contain the string 'NULL', the above is fine.

if(!isset($name)) {
     $name = NULL;
}

[petroz]

Awesome! Learning something everyday!

[objNoob]

This is a tricky topic... When using PHP variables to create a MySQL statement you should NOT define the variable in PHP as data type NULL, but rather as a string data type 'NULL' like Petroz's example. $var = 'NULL';
 
Now keep in mind, MySQL has it's own syntax rules and using single quotes around 'NULL' in an SQL Statement is taken as a literal string, so...................

Before creating your MySQL Statement you should validate every PHP variable going into the SQL for content and if its not the string NULL nor a number wrap single quotes around as required in MySQL statements:
if ($var != 'NULL' || isnan($var){
  $var = "'".$var."'";
}
Then you can create the sql statment worry free of single quotes  $sql = "INSERT INTO tTable (ID, Name) VALUES ($var, 'Steve')";

[ntroycondo]

I am working just with just a string so: if(!isset($name)) { $name = 'NULL'; } will work fine for me.

But I haven't figured out the right spot to put the code where it works. Should it be on the form page, or the page with the update php code? Should it be before or after the mysql_query statement?  I tried putting it a bunch of spots but haven't got it to work yet.

[petroz]

Put it with the PHP code that processes the form data. Post the script and I am sure we can find a spot that works.

[ntroycondo]

Thanks in advance!

I have two PHP pages with one html form page that searches the DB and list results. Code below for both PHP pages.
Search php page:

<?php
// Get value from HTML form
$name = $_POST['name'];

$connection = mysql_connect('xxxxxxx');
if (! $connection) {
  die('Error connecting to database ' .
  mysql_error());
}

$name = mysql_real_escape_string($name);

// select the proper database (your username)
mysql_select_db('User');

// run the query with the properly escaped string
$result = mysql_query(
  "SELECT * FROM User WHERE name like '%$name%'"
);

// Check that there were results
if(!$result){
  die('No results ' . mysql_error());
}

echo "<form method='post' action='update.php'>";
while ($row = mysql_fetch_array($result)) {
  echo "User Info<br />\n";
  echo "<input type='hidden' name='userid' value='$row[USERID]' />\n";
  echo "User Name: <input type='text' name='name' value='$row[name]' /><br />\n";
  echo "User Email: <input type='text' name='email' value='$row[email]' /><br />\n";
echo "<input type='submit' value='Save' />\n</form>"; 

// Print number of matching donors
echo 'There were ', mysql_num_rows($result), 'Matching Users';
// process results
while ($row = mysql_fetch_array($result)) {
  echo "User Info<br />";
  echo "User Name: $row[name]<br />";
  echo "User Email: $row[email]<br />";
  echo "User ID: $row[USERID]<br /><br />";
}

?>


And my update php page:


<?php
// Get value from HTML form
$name = $_POST['name'];
$email = $_POST['email'];
$userid = $_POST['userid'];

// Connect using your username and password.
$connection = mysql_connect(xxxxxxxxx);
if (!$connection) {
  die("Error connecting to database " . mysql_error());
}
// Secure the data before it is used
$name = mysql_real_escape_string($name);
$email = mysql_real_escape_string($email);

// select the proper database
mysql_select_db("User");

// Create the query
$result =
  mysql_query("UPDATE User set name= '$name',
    email = '$email' WHERE USERID = '$userid'");

// Find number of affected rows
echo mysql_affected_rows()," row was updated";
?>

[petroz]

I am not too sure what script you want to put this on... Both scripts use the $name variable.. Just put it right underneath either variable at the top.


if(!isset($name)) { $name = 'NULL'; }

[ntroycondo]

if(!isset($name)) { $name = 'NULL'; }
Does not work for me.

if(isset($name)) { $name = 'NULL'; }
Does work fine but in the opposite way than desired

 so i tried IF ELSE but it doesn't work either"

if(isset($email)) 
{
 $email = $email;
 }
 else
 { $email = 'NULL';}

[petroz]

You could try empty...

if(empty())
{
    $name = 'NULL';
} else {
    $name = $_POST['name'];
}


But whats happening with !isset? Are you getting an error?

[ntroycondo]

Using 'if empt'y works.

Using '!isset' doesn't give any error.

I probably could also put an 'if' into the mysql_query SELECT statement.

[ntroycondo]

So it does work with
 
if(empty($name))
{
    $name = 'NULL';
} else {
    $name = $_POST['name'];
}

but if I try to add another if statement for email they both don't work. Do I need anything separating them?

if(empty($name))
{
    $name = 'NULL';
} else {
    $name = $_POST['name'];
}

if(empty($email))
{
    $email = 'NULL';
} else {
    $email = $_POST['email'];
}

[ntroycondo]

Now I think I just I want to add an IF into the mysql statement to add the 'NULL' string.

Not sure of the syntax to use:

 mysql_query("UPDATE User set name= IF("'$name'='' ,NULL, '$name'"), 
  email= '$email' WHERE USERID = '$userid'");

[petroz]

I am pretty sure that wont work.. Anybody, correct me if I am wrong.

I really think you need to figure out whats going wrong with those if statements..

Can you post the structure of your db and the script as you have them now and explain the context in how you are using them and I will try to reproduce the problem you are having on my side.