Blank integer passed into PHP makes my stored proc bind fail

Question

So I have this code:

$pfname = $input->get('pfname','','filter');
$state = $input->get('states');

        $retCode=0;
        $saveVendorProc = mssql_init("createVendorProc",$conn);
        mssql_bind($saveVendorProc , "@VendorName",  $pfname , SQLVARCHAR, false,false,10); 
        mssql_bind($saveVendorProc , "@VendorStateID",  $state , SQLINT4, false,false,150);
        $saveProcRes = mssql_execute($saveVendorProc);
        mssql_free_statement($saveVendorProc );

        $results = Array(
            'error' => false,
            'shopSQLID' => mssql_get_last_message()
        );  

Where $state comes from a simple HTML dropdown in a form. The form is serializing fine and everything works perfectly when I select a state.

But if the state is not selected (and I don't want to make it so the user has to select it), the value is "" (as oppose to some number 3 through 53) and then the message SQL gives me is super generic: "The statement has been terminated."

Any idea what likely simple thing I am doing wrong?

Thanks

Quick edit: also in the code is my $conn variable properly defined. Like I said, works perfectly fine if the state dropdown is selected in the html form.

Answer 1

Did you try saving it as: intval($state) into the proc? Your filter may also be affecting the results.

What is the output of variable $states ? Output of the MSSQL message?

If that doesn't work, try setting $state as (and then repeat trying to save with and without intval($state):

$state = $input->get('states','','RAW'); 

Also, you can also write something like (non-tested code btw... my implementation of 'empty' may be suspect):

if ($state != '' || empty($state) == false) {
  // theres a value so you can include
        mssql_bind($saveVendorProc , "@VendorStateID",  $state , SQLINT4, false,false,150);
} else {
 // do not include the binding
} 

Answer 2

If I understood the question correctly, am submitting the following.

Your best bet would be to use a conditional statement and checking if left empty or if it equals nothing.

For example:

if ($var > 0){
...
}

else{
...
}

Or

if ($var != 0){
...
}

Or

if(!empty($var)){
...
}

Or

if($var == ""){
   ... do something here
}
else { ... do something else }

Or

if( isset($var) && !empty($var) )

Or by using ctype_digit():

if( isset($var) && ctype_digit($var) )

• You have quite a few options to choose from. is_numeric() could be another that you can use.

If your db accepts a zero value, you can use a ternary operator.

$var = !empty($var) ? $var : "0";

N.B.: I'm not 100% sure about the following though, but you can try it.

$state = isset($input->get('states')) ? $input->get('states') : "0";

Sidenote: ^ ^ ^ ^ ^ You can substitute isset() with !empty().

Refererences:

• http://php.net/manual/en/function.empty.php
• http://php.net/manual/en/function.ctype-digit.php
• http://php.net/manual/en/function.is-numeric.php
• http://php.net/manual/en/language.operators.comparison.php