#1 (permalink)

Hi all,

I need some ...

My Example:

Field: Bank Account Nº: 12353545456 & Field: Bank Account Nº: (Empty)

The nº must be unique but could be empty also...

What is the SQL? Is it possible?

Best Regards
PiRiCa

#2 (permalink)

On Mon, 16 Jul 2007 20:28:01 +0200, nelson.salvador@gmail.com <nelson.salvador@gmail.com> wrote:
> Hi all,
>
> I need some ...
>
> My Example:
>
> Field: Bank Account Nº: 12353545456 & Field: Bank Account Nº: (Empty)
>
> The nº must be unique but could be empty also...
>
> What is the SQL? Is it possible?

Allow NULL values, and use that for unknowns. So not an empty string, not 0, but NULL.

ALTER TABLE table ADD UNIQUE(`bank_account`);
--
Rik Wasmus

#3 (permalink)

I have my code working now!

Unique field: ncheque
If empty will be NULL value

PHP:

if($_POST["titular"]!="" && $_POST["valorcheque"]!="" && $_POST["banco"]!="" && $_POST["datavencimento"]!=""){
    $tipo_pagamento = $_POST["tipo_pagamento"];
    $ncheque = $_POST["ncheque"];
    $ncheque = ($ncheque != "") ? "'" . $ncheque . "'" : "NULL";
    $titular = $_POST["titular"];
    $valorcheque = virgulatoponto($_POST["valorcheque"]);
    $banco = $_POST["banco"];
    $vencimento = datatobanco($_POST["datavencimento"]);
    $cidadeorigem = $_POST["cidadeorigem"];
    $notas = $_POST["notas"];
    $recibo = $_POST["recibo"];
    $compra = $_POST["compra"];
    $data = date("Y-m-d");
    $db = new Database();
    $db->query("Insert into pagamentos (tipo_pagamento,titular,ncheque,vencimento,valor,datacadastro,banco,cidadeorigem,notas,recibo,compra) values ('$tipo_pagamento','$titular',$ncheque,'$vencimento','$valorcheque','$data','$banco','$cidadeorigem','$notas','$recibo','$compra')");
}

SQL:

CREATE TABLE `pagamentos` (
    `ID` int(6) NOT NULL auto_increment,
    `tipo_pagamento` varchar(12) default NULL,
    `titular` varchar(80) default NULL,
    `ncheque` varchar(10) default NULL,
    `valor` float(10,2) default NULL,
    `vencimento` date default NULL,
    `datacadastro` date default NULL,
    `banco` tinyint(6) default NULL,
    `cidadeorigem` varchar(60) default NULL,
    `notas` longtext,
    `recibo` varchar(20) default NULL,
    `compra` longtext,
    PRIMARY KEY (`ID`),
    UNIQUE KEY `ncheque` (`ncheque`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

Best Regards,
PiRiCa

#4 (permalink)

On Sat, 21 Jul 2007 01:37:24 +0200, nelson.salvador@gmail.com <nelson.salvador@gmail.com> wrote:
>
> I have my code working now!
>
>
> Unique field: ncheque
> If empty will be NULL value
>
>
> PHP:
>
>
> if($_POST["titular"]!="" && $_POST["valorcheque"]!="" && $_POST["banco"]!="" && $_POST["datavencimento"]!=""){
>     $tipo_pagamento = $_POST["tipo_pagamento"];
>     $ncheque = $_POST["ncheque"];
>     $ncheque = ($ncheque != "") ? "'" . $ncheque . "'" : "NULL";
>     $titular = $_POST["titular"];
>     $valorcheque = virgulatoponto($_POST["valorcheque"]);
>     $banco = $_POST["banco"];
>     $vencimento = datatobanco($_POST["datavencimento"]);
>     $cidadeorigem = $_POST["cidadeorigem"];
>     $notas = $_POST["notas"];
>     $recibo = $_POST["recibo"];
>     $compra = $_POST["compra"];
>     $data = date("Y-m-d");
>     $db = new Database();
>     $db->query("Insert into pagamentos (tipo_pagamento,titular,ncheque,vencimento,valor,datacadastro,banco,cidadeorigem,notas,recibo,compra) values ('$tipo_pagamento','$titular',$ncheque,'$vencimento','$valorcheque','$data','$banco','$cidadeorigem','$notas','$recibo','$compra')");
> }

OK, and now is the time to learn about SQL-injection, and that you really should escape your strings. People could destroy your database with the form now.
--
Rik Wasmus

#5 (permalink)

Hi Rick,

Could you make some examples "how to" can someone could destroy my database?
ehheh

This will be only to use in "localhost" intranet only...
Only me working with this...

But could you protect my code in better way?

Best regards,
PiRiCa

> OK, and now is the time to learn about SQL-injection, and that you really
> should escape your strings. People could destroy your database with the
> form now.
> --
> Rik Wasmus

#6 (permalink)

nelson.salvador@gmail.com wrote:
>> OK, and now is the time to learn about SQL-injection, and that you really
>> should escape your strings. People could destroy your database with the
>> form now.
>> --
>> Rik Wasmus
>
> Hi Rick,
>
> Could you make some examples "how to" can someone could destroy my
> database?
> ehheh
>
> This will be only to use in "localhost" intranet only...
> Only me working with this...
>
> But could you protect my code in better way?
>
> Best regards,
> PiRiCa
>

(Top posting fixed)

Google for SQL Injection. It can be very educational.

And the vast majority of corporate computer crime still originates within the company - dissatisfied employees, etc. Just because you're on an intranet doesn't mean you're safe.

And please don't top post. Thanks.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

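Added example (not part of the original thread and not any poster's code): the insert from post #3 rewritten with PDO prepared statements, so form values are bound as data instead of being concatenated into the SQL string, and an empty `ncheque` is stored as NULL. It assumes a reduced `pagamentos` table, a hypothetical `inserir_pagamento()` helper, and an in-memory SQLite database standing in for MySQL so that it runs without a server.

```php
<?php
// Added example. In-memory SQLite stands in for MySQL so this runs offline (assumption).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Reduced version of `pagamentos`: ncheque is UNIQUE but nullable.
$pdo->exec('CREATE TABLE pagamentos (
    ID INTEGER PRIMARY KEY AUTOINCREMENT,
    titular TEXT,
    ncheque TEXT UNIQUE,
    valor REAL
)');
// Hypothetical helper: values are bound as parameters, never pasted into the SQL text.
function inserir_pagamento(PDO $pdo, array $post): bool
{
    // An empty form field becomes a real NULL, which a UNIQUE index accepts repeatedly.
    $ncheque = trim($post['ncheque'] ?? '');
    $ncheque = ($ncheque !== '') ? $ncheque : null;
    $stmt = $pdo->prepare(
        'INSERT INTO pagamentos (titular, ncheque, valor)
         VALUES (:titular, :ncheque, :valor)'
    );
    try {
        return $stmt->execute([
            ':titular' => $post['titular'],
            ':ncheque' => $ncheque,
            ':valor'   => (float) $post['valor'],
        ]);
    } catch (PDOException $e) {
        // SQLSTATE class 23 is an integrity constraint violation (duplicate ncheque).
        if (strpos((string) $e->getCode(), '23') === 0) {
            return false;
        }
        throw $e;
    }
}

// Constructed sample submissions.
$samples = [
    ['titular' => 'Ana',    'ncheque' => '1001', 'valor' => '10.50'],
    ['titular' => 'Rui',    'ncheque' => '',     'valor' => '20.00'], // empty field
    ['titular' => 'Eva',    'ncheque' => '',     'valor' => '30.00'], // empty again
    ['titular' => 'Ana',    'ncheque' => '1001', 'valor' => '40.00'], // duplicate ncheque
    ['titular' => "O'Neil", 'ncheque' => '1002', 'valor' => '50.00'], // apostrophe is just data
];
foreach ($samples as $row) {
    printf("%-8s %s\n", $row['titular'], inserir_pagamento($pdo, $row) ? 'inserted' : 'rejected');
}
```

Against MySQL only the DSN passed to `new PDO` changes; the `prepare()` and `execute()` calls stay the same.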