Reputation: 6241
Make MySQL not to convert string to number
I have a query in my application that selects users from a table by ID or by username:
SELECT * FROM users WHERE id = '$x' OR username = '$x'
This is working when given usernames like foo, bar123 or ids like 1, 123.
But when I give a username like 2foo it selects both user 2foo and user with id=2. So it takes the 2 of 2foo and finds a user. Additionally I get a warning message: 1292: Truncated incorrect DOUBLE value: 2foo.
Is there a way to tell MySQL not to do this conversion (for this query but not whole db)? Or do I need to do a filtering after the query to discard false results?
Upvotes: 4
Views: 652
Answers (1)
Reputation: 65274
Your query is formed in a way, that triggers a "this-is-a-feature-not-a-bug" behaviour in MySQL: You compare the same string ('$x') to a numeric field (id) and to a varchar field (username).
While I am sure, there are ways to make this work in SQL, I suspect the only correct way is to fix the PHP that creates the query. Something like
if (is_numeric($x)) $sql="SELECT * FROM users WHERE id = '$x' OR username = '$x'";
else $sql="SELECT * FROM users WHERE username = '$x'";
should help.
Here is the SQL version, just for the sake of completeness:
SELECT * FROM users WHERE id = IF('$x' REGEXP '^[0-9]+$','$x',0) OR username = '$x'
Note: Form the OQ I assume, that $x is already escaped.
Upvotes: 5
Related Questions
- How can I convert a string to a float in mysql?
- How to cast a string to numeric in mysql?
- MySQL type conversion while ignoring nonnumeric characters
- Don't want mysql to auto cast String to Integer
- Converting varchar to int using phpmyadmin
- mysql automatically cast strings to integer
- Converting column type in MySQL
- MySQL different integer datatype operation
- MySQL convert column datatype from VARCHAR to INT
- MySQL automatically cast/convert a string to a number?