www.webdeveloper.com
Results 1 to 5 of 5

Thread: mysql_real_escape_string help!!

  1. #1
    Join Date
    May 2007
    Posts
    142

    mysql_real_escape_string help!!

    hi,
    There is a php function mysql_real_escape_string() that we can use to clean string variable before put in to sql query. I am afraid is there any other that can I use with Integer types or the same I should use for all type? Can any one explain this please..

  2. #2
    Join Date
    Nov 2008
    Posts
    2,477
    Escaping something other than a string is not possible, there is no such thing as escaping an integer. If you want to clean/validate integers, you can either just cast to int to be sure of the type:

    PHP Code:
    $foo = (int) $foo
    or else check it is int and do soemthing different if it is not:

    PHP Code:
    if (!is_int($foo) {
        
    // not an int


  3. #3
    Join Date
    May 2007
    Posts
    142
    thanks,
    btw, I think I could not explain the question correctly. I want this..

    PHP Code:
    $sql "INSERT INTO %s(id, agg_number, app_date, inv_number, account_type, status) VALUES (%d, '%s', '%s', '%s', '%d', '%s')";
            
    $sql sprintf($sql$this->tableName,
                                
    $this->id
                                
    $this->agg_number
                                
    $this->getApp_date()) 
                                
    $this->getInv_number(), 
                                
    mysql_real_escape_string($this->getAccount_type()),
                                
    mysql_real_escape_string($this->getStatus())); 
    This function is escaping the given data for string type and prapare it for insertion. So we can insert this data in to any mysql String Types. Same like there are Numeric Types and Date & Time Types. You might have looked in ADO.NET, there is parameter collection where we can define the data as DBTYPE.INT, DBTYPE.BIT so on before insertion. I was guessing is there any function that can do this job.

  4. #4
    Join Date
    Nov 2008
    Posts
    2,477
    If I'm understanding correctly, you can cast a variable to any type:

    PHP Code:
    (int) $foo;
    (bool) 
    $foo;
    (string) 
    $foo
    etc, although PHP is a loosely typed language and as a rule this is not usually necessary.

  5. #5
    Join Date
    May 2007
    Posts
    142
    Yes mindzai. That is what I wanted to confirm whether is there any other option or to go as usual. thanks for your replies.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles