发表新帖
发表新帖

PDOstatement (MySQL): inserting value 0 into a bit(1) field results in 1 written in table

后端 未结
关注
4 986
醉酒成梦
醉酒成梦 2020-11-30 05:47

I\'m using a bit(1) field to store boolean values and writing into the table using PDO prepared statements.

This is the test table:

CREATE TABLE IF N
相关标签:
4条回答
  • 难免孤独
    2020-11-30 06:21

    pdo by default doesnt use prepared statements for the mysql driver, it emulates them by creating dynamic sql behind the scenes for you. The sql sent to mysql ends up being a single quoted 0 like '0', which mysql interprets as a string, not a number.

    $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

    It should work now, and you also will be actually using real prepared statements.

    0 讨论(0)
  • 渐次进展
    2020-11-30 06:23

    Because prepare adds ' to your parameter, You have only to add b before parameter name

    $statement = $pdo->prepare('INSERT INTO `test` (SomeText,TestBool) VALUES (?, b?)');
$statement->execute(array("TEST", 1 /* or TRUE */));

    Note: you can use 1, 0 or TRUE, FALSE.

    0 讨论(0)
  • 一生所求
    2020-11-30 06:36

    BIT column is a binary type in mysql (though it's documented as numeric type - that's not precisely true) and I advise to avoid it due to problems with client libraries (which PDO issue proves). You will spare yourself a lot of trouble if you modify type of column to TINYINT(1)

    TINYINT(1) will of course consume full byte of storage for every row, but according to mysql docs BIT(1) will do as well.

    from: http://dev.mysql.com/doc/refman/5.1/en/storage-requirements.html

    bit storage requirement is: approximately (M+7)/8 bytes which suggests that BIT(M) column is also byte-aligned.

    Also I found this: https://bugs.php.net/bug.php?id=50757

    So you could check if following code works as you expect:

    $pdo = new PDO("connection string etc") ;
$statement = $pdo->prepare('INSERT INTO `test` (SomeText,TestBool) VALUES (:someText,:testBool)') ;
$statement->bindValue(':someText', "TEST");
$statement->bindValue(':testBool', 0, PDO::PARAM_INT);
$statement->execute();

    You may also try with different type hints than PARAM_INT, still even if you make it work I advice to change to TINYINT.

    0 讨论(0)
  • 爱一瞬间的悲伤
    2020-11-30 06:40

    you could try this without parameter

    if($_POST['bool'] == 1)
{
 $bool = "b'1'";
}
else
{
 $bool = "b'0'";
}
$statement = $pdo->prepare("INSERT INTO `test` (SomeText,TestBool) VALUES (?,$bool)") ;
$statement->execute(array("TEST")) ;

    and no security problem

    0 讨论(0)
 看不清?
提交回复
热议问题