tags:

views:

1121

answers:

3
+1  Q: 

MySql NOT NULL Constraint doesnot work

I am trying to implement NOT NULL constraint in the customer table which is created as:

CREATE TABLE CUSTOMER(
     cust_id INT(5) NOT NULL AUTO_INCREMENT, 
     PRIMARY KEY(cust_id),
     first_name VARCHAR(25) NOT NULL,
     last_name VARCHAR(25) NOT NULL,
     email VARCHAR(25) NOT NULL,
     password VARCHAR(25) NOT NULL,
     gender VARCHAR(1) NOT NULL,
     city VARCHAR(25) NOT NULL,
     dob DATE NOT NULL,
     pin INT NOT NULL);

After this from a form i am passing values and inserting it as :

$sql= "INSERT INTO customer(first_name,last_name,email,password,gender,city,dob,pin) VALUES('$first_name','$last_name','$email_add','$password','$gender','$city','$DOB','$pin')";

However if i am passing blank values of the fields,Mysql seems to insert them? What can be the possible problem??

+2  A: 

I suspect that's because, in a real DBMS (as opposed to Oracle :-), there is a distinction between a blank value and a NULL value.

Blank strings are perfectly valid for NOT NULL fields. The only value you shouldn't be able to put in a NOT NULL field is, hang on, trying to remember, ... NULL. Yes, that's it. NULL. :-)

Aside: Oracle made a decision many moons ago to treat empty VARCHARs as NULLs and it still haunts them (or it would if I wasn't the only one that refused to use it because of that problem).

If you want your PHP code to work like Oracle (where blanks become NULLs), you're going to have to pre-process the string, something like (pseudocode):

if $first_name == "":
    $first_name = "NULL"
else:
    $first_name = "'" + $first_name + "'"
: : :
$sql= "INSERT INTO customer(" +
    "first_name," +
    "last_name," +
    "emailpassword," +
    "gender," +
    "city," +
    "dob," +
    "pin" +
    ") VALUES (" + 
        $first_name + "," +
        "'$last_name'" + "," +
        "'$email_add'" + "," +
        "'$password'" + "," +
        "'$gender'" +
        ",'$city'" + "," +
        "'$DOB'" + "," +
        "'$pin'" +
    ")";

and so on for the other fields which can be NULL as well. I've only shown how to do it for $first_name.

That will cause your first_name column in the INSERT statement to be either NULL or the value of $first_name surrounded by single quotes.

Keep in mind all these fields should be checked and/or modified to prevent SQL injection attacks.

paxdiablo  2009-05-11 06:46:08
How do i get it right?? I have used oracle before.. Am trying out MYSQL and struggling a bit. How do I pass the null valuse from the form??
Arkid  2009-05-11 06:48:34
This sample code ("'" + $first_name + "'") to SQL injection attacks. You have to escape quotes and backslashes in $first_name (for MySQL, use addslashes($first_names) unless the magic quotes already did that).
pts  2009-05-11 07:04:26
@pts, the code as it was has that vulnerability and, yes, it should be fixed but that wasn't what the question was about.
paxdiablo  2009-05-11 07:20:23
+2  A:  
$sql= "INSERT INTO customer(first_name,last_name,email,password,gender,city,dob,pin) VALUES('$first_name',".
($last_name?"'".$last_name."'":"NULL").
", '$email_add','$password','$gender','$city','$DOB','$pin')";

This will be:

VALUES('ahm',NULL,'[email protected]' ...

And because of NOT NULL nothing will be inserted.

Vili  2009-05-11 06:56:49
A: 

Some additional information from the docs here:

http://dev.mysql.com/doc/refman/5.0/en/problems-with-null.html

weevilgenius  2009-05-12 07:00:00

related questions

Remove Quotes and Commas from a String in MySQL
What's the best way of converting a mysql database to a sqlite one?
How do you manage databases in development, test, and production?
Multiple foreign keys?
Add 1 to a field (MySQL)
Issues using MS Access as a front-end to a MySQL database back-end?
Bigger than a char but smaller than a blob
How do I retrieve my MySQL username and password?
Long-time LAMP Developer moving to VB.NET
How do I Concatenate entire result sets in MySQL?
Full complete MySQL database replication? Ideas? What do people do?
SQL: Distribution of table in time
SQLite vs MySQL
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Multiple Updates in MySQL
MySQL/Apache Error in PHP MySQL query
What all do I need to escape when sending a (My)SQL query?
Auto Generate Database Diagram MySQL
Mechanisms for tracking DB schema changes
How big can a MySQL database get before performance starts to degrade.
Python and MySQL
SQL Server 2005 implementation of MySQL REPLACE INTO?
How to export data from SQL Server 2005 to MySQL
Throw Error In MySQL Trigger
Binary Data in MySQL