|
Posted by Tim Van Wassenhove on 12/23/06 23:33
bill schreef:
> from: http://us3.php.net/mysql_real_escape_string
>
> // Quote variable to make safe
> function quote_smart($value)
> {
> // Stripslashes
> if (get_magic_quotes_gpc()) {
> $value = stripslashes($value);
> }
> // Quote if not a number or a numeric string
> if (!is_numeric($value)) {
> $value = "'" . mysql_real_escape_string($value) . "'";
> }
> return $value;
> }
>
> However when I pass it a null string it returns just a single double quote.
> It would be easy to fix, but I don't understand why it does this.
All mysql_real_escape_string does is replace characters... Since php
will replace NULL with an empty string, the mysql_real_escape_string
returns an empty string.. .So value becomes the concatenation of ',
empty string and '.
I think your confusion comes from the fact that $value = "NULL" and
$value = null both mean different things.... And on top of that in a SQL
query "NULL" and NULL mean different things too....
--
Tim Van Wassenhove <url:http://www.timvw.be/>
Navigation:
[Reply to this message]
|