Newbie question about UNIQUE MySQL v5.0.22
Hi all,
I need some help...
My Example:
Field: Bank Account N=BA: 12353545456 & Field: Bank Account N=BA: (Empty)
The n=BA must be unique but could be empty also...
What is the SQL? It's Possible?
Best Regards
PiRiCa
Re: Newbie question about UNIQUE MySQL v5.0.22
On Mon, 16 Jul 2007 20:28:01 +0200, nelson.salvador [at] gmail.com
<nelson.salvador [at] gmail.com> wrote:
> Hi all,
>
> I need some help...
>
> My Example:
>
> Field: Bank Account Nš: 12353545456 & Field: Bank Account Nš: (Empty)
>
> The nš must be unique but could be empty also...
>
> What is the SQL? It's Possible?
Allow NULL values, and use that for unknowns. So not an empty string, not
0, but NULL.
AlTER TABLE table ADD UNIQUE(`bank_acccount`);
--
Rik Wasmus
Re: Newbie question about UNIQUE MySQL v5.0.22
On Mon, 16 Jul 2007 20:28:01 +0200, nelson.salvador [at] gmail.com
<nelson.salvador [at] gmail.com> wrote:
> Hi all,
>
> I need some help...
>
> My Example:
>
> Field: Bank Account Nš: 12353545456 & Field: Bank Account Nš: (Empty)
>
> The nš must be unique but could be empty also...
>
> What is the SQL? It's Possible?
Allow NULL values, and use that for unknowns. So not an empty string, not
0, but NULL.
AlTER TABLE table ADD UNIQUE(`bank_acccount`);
--
Rik Wasmus
Re: Newbie question about UNIQUE MySQL v5.0.22
Hi Rik
Yes.... have to be NULL
Many Thanks!!
I have my code working now!
Unique field: ncheque
If emply will be NULL value
PHP:
if($_POST["titular"]!=3D"" && $_POST["valorcheque"]!=3D"" &&
$_POST["banco"]!=3D"" && $_POST["datavencimento"]!=3D""){
$tipo_pagamento =3D $_POST["tipo_pagamento"];
$ncheque =3D $_POST["ncheque"];
$ncheque =3D ($ncheque !=3D "") ? "'" . $ncheque . "'" :
"NULL";
$titular =3D $_POST["titular"];
$valorcheque =3D virgulatoponto($_POST["valorcheque"]);
$banco =3D $_POST["banco"];
$vencimento =3D datatobanco($_POST["datavencimento"]);
$cidadeorigem =3D $_POST["cidadeorigem"];
$notas =3D $_POST["notas"];
$recibo =3D $_POST["recibo"];
$compra =3D $_POST["compra"];
$data =3D date("Y-m-d");
$db =3D new Database();
$db->query("Insert into pagamentos
(tipo_pagamento,titular,ncheque,vencimento,valor,datacadastr o,banco,cidadeo=
=AD
rigem,notas,recibo,compra)
values ('$tipo_pagamento','$titular',
$ncheque,'$vencimento','$valorcheque','$data','$banco','$cid adeorigem','$no=
=AD
tas','$recibo','$compra')");
}
SQL:
CREATE TABLE `pagamentos` (
`ID` int(6) NOT NULL auto_increment,
`tipo_pagamento` varchar(12) default NULL,
`titular` varchar(80) default NULL,
`ncheque` varchar(10) default NULL,
`valor` float(10,2) default NULL,
`vencimento` date default NULL,
`datacadastro` date default NULL,
`banco` tinyint(6) default NULL,
`cidadeorigem` varchar(60) default NULL,
`notas` longtext,
`recibo` varchar(20) default NULL,
`compra` longtext,
PRIMARY KEY (`ID`),
UNIQUE KEY `ncheque` (`ncheque`)
) ENGINE=3DMyISAM DEFAULT CHARSET=3Dlatin1;
Best Regards,
PiRiCa
Re: Newbie question about UNIQUE MySQL v5.0.22
I have my code working now!
Unique field: ncheque
If emply will be NULL value
PHP:
if($_POST["titular"]!=3D"" && $_POST["valorcheque"]!=3D"" &&
$_POST["banco"]!=3D"" && $_POST["datavencimento"]!=3D""){
$tipo_pagamento =3D $_POST["tipo_pagamento"];
$ncheque =3D $_POST["ncheque"];
$ncheque =3D ($ncheque !=3D "") ? "'" . $ncheque . "'" :
"NULL";
$titular =3D $_POST["titular"];
$valorcheque =3D virgulatoponto($_POST["valorcheque"]);
$banco =3D $_POST["banco"];
$vencimento =3D datatobanco($_POST["datavencimento"]);
$cidadeorigem =3D $_POST["cidadeorigem"];
$notas =3D $_POST["notas"];
$recibo =3D $_POST["recibo"];
$compra =3D $_POST["compra"];
$data =3D date("Y-m-d");
$db =3D new Database();
$db->query("Insert into pagamentos
(tipo_pagamento,titular,ncheque,vencimento,valor,datacadastr o,banco,cidadeo=
=AD=AD
rigem,notas,recibo,compra)
values ('$tipo_pagamento','$titular',
$ncheque,'$vencimento','$valorcheque','$data','$banco','$cid adeorigem','$no=
=AD=AD
tas','$recibo','$compra')");
}
SQL:
CREATE TABLE `pagamentos` (
`ID` int(6) NOT NULL auto_increment,
`tipo_pagamento` varchar(12) default NULL,
`titular` varchar(80) default NULL,
`ncheque` varchar(10) default NULL,
`valor` float(10,2) default NULL,
`vencimento` date default NULL,
`datacadastro` date default NULL,
`banco` tinyint(6) default NULL,
`cidadeorigem` varchar(60) default NULL,
`notas` longtext,
`recibo` varchar(20) default NULL,
`compra` longtext,
PRIMARY KEY (`ID`),
UNIQUE KEY `ncheque` (`ncheque`)
) ENGINE=3DMyISAM DEFAULT CHARSET=3Dlatin1;
Best Regards,
PiRiCa
Re: Newbie question about UNIQUE MySQL v5.0.22
On Sat, 21 Jul 2007 01:37:24 +0200, nelson.salvador [at] gmail.com
<nelson.salvador [at] gmail.com> wrote:
>
> I have my code working now!
>
>
> Unique field: ncheque
> If emply will be NULL value
>
>
> PHP:
>
>
> if($_POST["titular"]!="" && $_POST["valorcheque"]!="" &&
> $_POST["banco"]!="" && $_POST["datavencimento"]!=""){
> $tipo_pagamento = $_POST["tipo_pagamento"];
> $ncheque = $_POST["ncheque"];
> $ncheque = ($ncheque != "") ? "'" . $ncheque . "'" :
> "NULL";
> $titular = $_POST["titular"];
> $valorcheque = virgulatoponto($_POST["valorcheque"]);
> $banco = $_POST["banco"];
> $vencimento = datatobanco($_POST["datavencimento"]);
> $cidadeorigem = $_POST["cidadeorigem"];
> $notas = $_POST["notas"];
> $recibo = $_POST["recibo"];
> $compra = $_POST["compra"];
> $data = date("Y-m-d");
> $db = new Database();
> $db->query("Insert into pagamentos
> (tipo_pagamento,titular,ncheque,vencimento,valor,datacadastr o,banco,cidadeo
>
> rigem,notas,recibo,compra)
> values ('$tipo_pagamento','$titular',
> $ncheque,'$vencimento','$valorcheque','$data','$banco','$cid adeorigem','$no
>
> tas','$recibo','$compra')");
> }
OK, and now is the time to learn about SQL-injection, and that you really
should escape your strings. People could destroy your database with the
form now.
--
Rik Wasmus
Re: Newbie question about UNIQUE MySQL v5.0.22
Hi Rick,
Could you make some examples "how to" can someone could destroy my
database?
ehheh
This will be only to use in "localhost" intranet only...
Only me working with this...
But could you protect my code in better way?
Best regards,
PiRiCa
> OK, and now is the time to learn about SQL-injection, and that you really
> should escape your strings. People could destroy your database with the
> form now.
> --
> Rik Wasmus
Re: Newbie question about UNIQUE MySQL v5.0.22
nelson.salvador [at] gmail.com wrote:
>> OK, and now is the time to learn about SQL-injection, and that you really
>> should escape your strings. People could destroy your database with the
>> form now.
>> --
>> Rik Wasmus
>
> Hi Rick,
>
> Could you make some examples "how to" can someone could destroy my
> database?
> ehheh
>
> This will be only to use in "localhost" intranet only...
> Only me working with this...
>
> But could you protect my code in better way?
>
> Best regards,
> PiRiCa
>
(Top posting fixed)
Google for SQL Injection. It can be very educational.
And the vast majority of corporate computer crime still originates
within the company - dissatisfied employees, etc. Just because you're
on an intranet doesn't mean you're safe.
And please don't top post. Thanks.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex [at] attglobal.net
==================
Re: Newbie question about UNIQUE MySQL v5.0.22
I have my code working now!
Unique field: ncheque
If emply will be NULL value
PHP:
if($_POST["titular"]!=3D"" && $_POST["valorcheque"]!=3D"" &&
$_POST["banco"]!=3D"" && $_POST["datavencimento"]!=3D""){
$tipo_pagamento =3D $_POST["tipo_pagamento"];
$ncheque =3D $_POST["ncheque"];
$ncheque =3D ($ncheque !=3D "") ? "'" . $ncheque . "'" :
"NULL";
$titular =3D $_POST["titular"];
$valorcheque =3D virgulatoponto($_POST["valorcheque"]);
$banco =3D $_POST["banco"];
$vencimento =3D datatobanco($_POST["datavencimento"]);
$cidadeorigem =3D $_POST["cidadeorigem"];
$notas =3D $_POST["notas"];
$recibo =3D $_POST["recibo"];
$compra =3D $_POST["compra"];
$data =3D date("Y-m-d");
$db =3D new Database();
$db->query("Insert into pagamentos
(tipo_pagamento,titular,ncheque,vencimento,valor,datacadastr o,banco,cidadeo=
=AD=AD
rigem,notas,recibo,compra)
values ('$tipo_pagamento','$titular',
$ncheque,'$vencimento','$valorcheque','$data','$banco','$cid adeorigem','$no=
=AD=AD
tas','$recibo','$compra')");
}
SQL:
CREATE TABLE `pagamentos` (
`ID` int(6) NOT NULL auto_increment,
`tipo_pagamento` varchar(12) default NULL,
`titular` varchar(80) default NULL,
`ncheque` varchar(10) default NULL,
`valor` float(10,2) default NULL,
`vencimento` date default NULL,
`datacadastro` date default NULL,
`banco` tinyint(6) default NULL,
`cidadeorigem` varchar(60) default NULL,
`notas` longtext,
`recibo` varchar(20) default NULL,
`compra` longtext,
PRIMARY KEY (`ID`),
UNIQUE KEY `ncheque` (`ncheque`)
) ENGINE=3DMyISAM DEFAULT CHARSET=3Dlatin1;
Best Regards,
PiRiCa
Re: Newbie question about UNIQUE MySQL v5.0.22
On Sat, 21 Jul 2007 01:37:24 +0200, nelson.salvador [at] gmail.com
<nelson.salvador [at] gmail.com> wrote:
>
> I have my code working now!
>
>
> Unique field: ncheque
> If emply will be NULL value
>
>
> PHP:
>
>
> if($_POST["titular"]!="" && $_POST["valorcheque"]!="" &&
> $_POST["banco"]!="" && $_POST["datavencimento"]!=""){
> $tipo_pagamento = $_POST["tipo_pagamento"];
> $ncheque = $_POST["ncheque"];
> $ncheque = ($ncheque != "") ? "'" . $ncheque . "'" :
> "NULL";
> $titular = $_POST["titular"];
> $valorcheque = virgulatoponto($_POST["valorcheque"]);
> $banco = $_POST["banco"];
> $vencimento = datatobanco($_POST["datavencimento"]);
> $cidadeorigem = $_POST["cidadeorigem"];
> $notas = $_POST["notas"];
> $recibo = $_POST["recibo"];
> $compra = $_POST["compra"];
> $data = date("Y-m-d");
> $db = new Database();
> $db->query("Insert into pagamentos
> (tipo_pagamento,titular,ncheque,vencimento,valor,datacadastr o,banco,cidadeo
>
> rigem,notas,recibo,compra)
> values ('$tipo_pagamento','$titular',
> $ncheque,'$vencimento','$valorcheque','$data','$banco','$cid adeorigem','$no
>
> tas','$recibo','$compra')");
> }
OK, and now is the time to learn about SQL-injection, and that you really
should escape your strings. People could destroy your database with the
form now.
--
Rik Wasmus
Re: Newbie question about UNIQUE MySQL v5.0.22
Hi Rick,
Could you make some examples "how to" can someone could destroy my
database?
ehheh
This will be only to use in "localhost" intranet only...
Only me working with this...
But could you protect my code in better way?
Best regards,
PiRiCa
> OK, and now is the time to learn about SQL-injection, and that you really
> should escape your strings. People could destroy your database with the
> form now.
> --
> Rik Wasmus
Re: Newbie question about UNIQUE MySQL v5.0.22
nelson.salvador [at] gmail.com wrote:
>> OK, and now is the time to learn about SQL-injection, and that you really
>> should escape your strings. People could destroy your database with the
>> form now.
>> --
>> Rik Wasmus
>
> Hi Rick,
>
> Could you make some examples "how to" can someone could destroy my
> database?
> ehheh
>
> This will be only to use in "localhost" intranet only...
> Only me working with this...
>
> But could you protect my code in better way?
>
> Best regards,
> PiRiCa
>
(Top posting fixed)
Google for SQL Injection. It can be very educational.
And the vast majority of corporate computer crime still originates
within the company - dissatisfied employees, etc. Just because you're
on an intranet doesn't mean you're safe.
And please don't top post. Thanks.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex [at] attglobal.net
==================
PHP » alt.php » Newbie question about UNIQUE MySQL v5.0.22
