user225269

Reputation: 10913

data type trouble in php

I don't know why, but the data type in this code causes trouble when the id in the URL starts with the number zero, like this: http://localhost/exp/update.php?id=03A43. In this case the id is 03A43.

And my query looks like this:

mysql_select_db("school", $con);
   $result = mysql_query("SELECT * FROM student WHERE IDNO=".(int)$_GET['id']);

?>  

There is no problem in the design if the id does not start with the number zero. What might be the proper data type for numbers beginning in zero?

Upvotes: 0

Views: 87

Answers (5)

Joey Adams

Reputation: 43380

Edit: The OP didn't reveal until recently that the type of the field is a varchar, not a number. Hence, s/he should use this:

mysql_query("SELECT * FROM student WHERE IDNO='"
           . mysql_escape_string($_GET['id']) . "'");

For posterity, my original answer was:


It looks like you're trying to parse a hexadecimal number, in which case you could do:

hexdec($_GET['id'])

(int)x is the same as intval(x), which defaults to base 10. Your number, 03A43, was clearly not base 10, so PHP stopped reading it when it got to the A. You could also say intval(x, 16) to parse the hexadecimal number, but since you're using the result as a string, hexdec is probably a teeny tiny bit faster.

As an unrelated note of caution, many programming languages treat numbers starting with 0 as octal rather than decimal. If you say $myvar = 031;, $myvar will be set to 25. This also applies to JavaScript as well as its parseInt function. In PHP, since (int) and intval default to base 10, intval('031') will be 31. However, intval('031', 0) will be 25 because the second parameter, 0, tells intval to autodetect the base.

Upvotes: 2

Brock Batsell

Reputation: 5803

Stop casting an alphanumeric string as an integer if you want the string to remain intact. Why are you doing that? Also, and more importantly, you need to escape your raw input, at the very least. Call mysql_real_escape_string() on it before passing it to mysql_query().

Upvotes: 1
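
One way to do the lookup the answers here recommend: keep the ID as a string, validate its shape, and bind it as a query parameter instead of concatenating it. This is an added example, not code from the original posts; it assumes PDO with an in-memory SQLite database standing in for the MySQL "school" database, a constructed student table and rows, and a hypothetical findStudent() helper and ID format.

```php
<?php
// Added example. Constructed schema and rows; in-memory SQLite stands in for
// the MySQL "school" database so the script runs offline (needs pdo_sqlite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE student (IDNO VARCHAR(10) PRIMARY KEY, name TEXT)");
$pdo->exec("INSERT INTO student VALUES ('03A43', 'Alice'), ('3', 'Bob')");

// Hypothetical helper: look up a student by the string ID, never casting it.
function findStudent(PDO $pdo, $rawId)
{
    // $_GET values can be arrays (?id[]=x), so check the type first, then
    // allow-list the expected shape (assumed here: 1-10 letters or digits).
    if (!is_string($rawId) || !preg_match('/\A[0-9A-Za-z]{1,10}\z/', $rawId)) {
        return null;
    }
    // The placeholder sends the value separately from the SQL text, so a
    // quote character in the input cannot change the structure of the query.
    $stmt = $pdo->prepare('SELECT IDNO, name FROM student WHERE IDNO = ?');
    $stmt->execute([$rawId]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$id = '03A43';                                  // stands in for $_GET['id']
var_dump((int)$id);                             // the base-10 cast stops at the 'A'
var_dump(findStudent($pdo, $id));               // string lookup finds the intended row
var_dump(findStudent($pdo, (string)(int)$id));  // the cast value selects a different student
var_dump(findStudent($pdo, "03A43'"));          // stray quote fails the allow-list
var_dump(findStudent($pdo, ['03A43']));         // array input is rejected as well
```
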

Frank Farmer

Reputation: 39356

Quote your string:

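mysql_select_db("school", $con);
// Escape the raw input before placing it inside the quotes; unescaped, the query is injectable.
$id = mysql_real_escape_string($_GET['id'], $con);
$result = mysql_query("SELECT * FROM student WHERE IDNO='" . $id . "'");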

Upvotes: 0

Ben

Reputation: 16533

(int)03A43 will output 3. Are you sure that's an A in there?

On the other hand, $_GET[] will always be a string. Casting a string as an int will remove the leading 0. If you need the leading 0 just don't cast it, leave the string as it is.

Upvotes: 0

Michael Mrozek

Reputation: 175335

What's the type of student.IDNO in the database? Casting $_GET['id'] to an int is going to make it just "3", which seems like not what you want.

Upvotes: 0
