Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    Regular Coder Arcticwarrio's Avatar
    Join Date
    May 2012
    Location
    UK
    Posts
    709
    Thanks
    20
    Thanked 84 Times in 84 Posts

    Problem inserting NULL

    how can i change this to inset null instead of blank???

    this is the address bar:

    Code:
    http://***/mara/cat/adminproducts.php?Action=insert&SectionID=1&CategoryID=1&ProductID=34&ProductCode=62905&ProductName=Cloth+Sheets&CategoryID=1&ProductType=3M%28TM%29+314D+Utility+Cloth+Rolls+%26+Sheets&ProductDescription=A+resin+bond+J+weight+flexible+cloth+product%0D%0AUsed+for+all+maintenance+and+general+workshop+applications%0D%0AAvailable+in+very+fine+grades+for+even+finer+finishes%0D%0ARolls%3A+1+roll+per+box%0D%0ASheets%3A+50+sheets+per+sleeve&Field0=Size&Value0=230mm+x+280mm&Field1=Grade&Value1=P50&Field2=&Value2=&Field3=&Value3=&Field4=&Value4=&Field5=&Value5=&CostPrice=0.00&SellPrice=54.03&PackQty=50+Sheets&submit=Insert

    the problem lies with this line:

    PHP Code:

    //inserts blank value
    (!empty($_GET['Field3']) ? mysql_real_escape_string($_GET['Field3']) : NULL)


    //inserts the word NULL
    (!empty($_GET['Field3']) ? mysql_real_escape_string($_GET['Field3']) : "NULL"




    and this is my insert script:
    PHP Code:
    if ((isset($_GET['Action'])) && ($_GET['Action'] == 'insert')){
        
    $ProductType mysql_real_escape_string($_GET['ProductType']);
        
    $ProductDescription mysql_real_escape_string($_GET['ProductDescription']);
        
    $Regme Q("INSERT INTO tblproducts (
                ProductName,
                ProductCode,
                CategoryID,
                ProductType,
                ProductDescription,
                `Field[0]`,
                `Value[0]`,
                `Field[1]`,
                `Value[1]`,
                `Field[2]`,
                `Value[2]`,
                `Field[3]`,
                `Value[3]`,
                `Field[4]`,
                `Value[4]`,
                `Field[5]`,
                `Value[5]`,
                CostPrice,
                SellPrice,
                PackQty
                )VALUES (
                '"
    .mysql_real_escape_string($_GET['ProductName'])."',
                '"
    .mysql_real_escape_string($_GET['ProductCode'])."',
                '"
    .mysql_real_escape_string($_GET['CategoryID'])."',
                '"
    .$ProductType."',
                '"
    .$ProductDescription."',
                '"
    .(!empty($_GET['Field0']) ? mysql_real_escape_string($_GET['Field0']) : NULL)."',
                '"
    .(!empty($_GET['Value0']) ? mysql_real_escape_string($_GET['Value0']) : NULL)."',
                '"
    .(!empty($_GET['Field1']) ? mysql_real_escape_string($_GET['Field1']) : NULL)."',
                '"
    .(!empty($_GET['Value1']) ? mysql_real_escape_string($_GET['Value1']) : NULL)."',
                '"
    .(!empty($_GET['Field2']) ? mysql_real_escape_string($_GET['Field2']) : NULL)."',
                '"
    .(!empty($_GET['Value2']) ? mysql_real_escape_string($_GET['Value2']) : NULL)."',
                '"
    .(!empty($_GET['Field3']) ? mysql_real_escape_string($_GET['Field3']) : NULL)."',
                '"
    .(!empty($_GET['Value3']) ? mysql_real_escape_string($_GET['Value3']) : NULL)."',
                '"
    .(!empty($_GET['Field4']) ? mysql_real_escape_string($_GET['Field4']) : NULL)."',
                '"
    .(!empty($_GET['Value4']) ? mysql_real_escape_string($_GET['Value4']) : NULL)."',
                '"
    .(!empty($_GET['Field5']) ? mysql_real_escape_string($_GET['Field5']) : NULL)."',
                '"
    .(!empty($_GET['Value5']) ? mysql_real_escape_string($_GET['Value5']) : NULL)."',
                '"
    .mysql_real_escape_string($_GET['CostPrice'])."',
                '"
    .mysql_real_escape_string($_GET['SellPrice'])."',
                '"
    .mysql_real_escape_string($_GET['PackQty'])."'
                )"
    );
        
    $_GET['ProductID'] = mysql_insert_id();

    There are 10 types of people on CodingForums,
    Those who understand Binary and those who dont.
    Get Cloud Hosting now from only£59 / month

  • #2
    Regular Coder Arcticwarrio's Avatar
    Join Date
    May 2012
    Location
    UK
    Posts
    709
    Thanks
    20
    Thanked 84 Times in 84 Posts
    p.s.

    print_r is showing

    PHP Code:
    INSERT INTO tblproducts ProductNameProductCodeCategoryIDProductTypeProductDescription, `Field[0]`, `Value[0]`, `Field[1]`, `Value[1]`, `Field[2]`, `Value[2]`, `Field[3]`, `Value[3]`, `Field[4]`, `Value[4]`, `Field[5]`, `Value[5]`, CostPriceSellPricePackQty )VALUES 'Cloth Sheets''62903''1''3M(TM) 314D Utility Cloth Rolls & Sheets''A resin bond J weight flexible cloth product\r\nUsed for all maintenance and general workshop applications\r\nAvailable in very fine grades for even finer finishes\r\nRolls: 1 roll per box\r\nSheets: 50 sheets per sleeve''Size''230mm x 280mm''Grade''P80''''''''''''''''''0.00''46.50''50 Sheets' 
    There are 10 types of people on CodingForums,
    Those who understand Binary and those who dont.
    Get Cloud Hosting now from only£59 / month

  • #3
    Regular Coder Arcticwarrio's Avatar
    Join Date
    May 2012
    Location
    UK
    Posts
    709
    Thanks
    20
    Thanked 84 Times in 84 Posts
    nvm i fixed it, thanks for looking


    PHP Code:
    $Field0=(strlen($_GET['Field0']) > "'".mysql_real_escape_string($_GET['Field0'])."'" 'NULL');
        
    $Value0=(strlen($_GET['Value0']) > "'".mysql_real_escape_string($_GET['Value0'])."'" 'NULL');
        
    $Field1=(strlen($_GET['Field1']) > "'".mysql_real_escape_string($_GET['Field1'])."'" 'NULL');
        
    $Value1=(strlen($_GET['Value1']) > "'".mysql_real_escape_string($_GET['Value1'])."'" 'NULL');
        
    $Field2=(strlen($_GET['Field2']) > "'".mysql_real_escape_string($_GET['Field2'])."'" 'NULL');
        
    $Value2=(strlen($_GET['Value2']) > "'".mysql_real_escape_string($_GET['Value2'])."'" 'NULL');
        
    $Field3=(strlen($_GET['Field3']) > "'".mysql_real_escape_string($_GET['Field3'])."'" 'NULL');
        
    $Value3=(strlen($_GET['Value3']) > "'".mysql_real_escape_string($_GET['Value3'])."'" 'NULL');
        
    $Field4=(strlen($_GET['Field4']) > "'".mysql_real_escape_string($_GET['Field4'])."'" 'NULL');
        
    $Value4=(strlen($_GET['Value4']) > "'".mysql_real_escape_string($_GET['Value4'])."'" 'NULL');
        
    $Field5=(strlen($_GET['Field5']) > "'".mysql_real_escape_string($_GET['Field5'])."'" 'NULL');
        
    $Value5=(strlen($_GET['Value5']) > "'".mysql_real_escape_string($_GET['Value5'])."'" 'NULL');
                        
                        
    if ((isset(
    $_GET['Action'])) && ($_GET['Action'] == 'insert')){
        
    $ProductType mysql_real_escape_string($_GET['ProductType']);
        
    $ProductDescription mysql_real_escape_string($_GET['ProductDescription']);
        
    $Regme Q("INSERT INTO tblproducts (
                ProductName,
                ProductCode,
                CategoryID,
                ProductType,
                ProductDescription,
                `Field[0]`,
                `Value[0]`,
                `Field[1]`,
                `Value[1]`,
                `Field[2]`,
                `Value[2]`,
                `Field[3]`,
                `Value[3]`,
                `Field[4]`,
                `Value[4]`,
                `Field[5]`,
                `Value[5]`,
                CostPrice,
                SellPrice,
                PackQty
                )VALUES (
                '"
    .mysql_real_escape_string($_GET['ProductName'])."',
                '"
    .mysql_real_escape_string($_GET['ProductCode'])."',
                '"
    .mysql_real_escape_string($_GET['CategoryID'])."',
                '"
    .$ProductType."',
                '"
    .$ProductDescription."',
                "
    .$Field0.",
                "
    .$Value0.",
                "
    .$Field1.",
                "
    .$Value1.",
                "
    .$Field2.",
                "
    .$Value2.",
                "
    .$Field3.",
                "
    .$Value3.",
                "
    .$Field4.",
                "
    .$Value4.",
                "
    .$Field5.",
                "
    .$Value5.",
                '"
    .mysql_real_escape_string($_GET['CostPrice'])."',
                '"
    .mysql_real_escape_string($_GET['SellPrice'])."',
                '"
    .mysql_real_escape_string($_GET['PackQty'])."'
                )"
    ); 
    There are 10 types of people on CodingForums,
    Those who understand Binary and those who dont.
    Get Cloud Hosting now from only£59 / month

  • #4
    Senior Coder
    Join Date
    Apr 2011
    Location
    London, England
    Posts
    2,120
    Thanks
    15
    Thanked 354 Times in 353 Posts
    You could investigate prepared statements which would avoid the need to real escape all the data.
    "I'm here to save your life. But if I'm going to do that, I'll need total uninanonynymity." Me Myself & Irene.
    Validate your HTML and CSS


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •