mysql_real_escape_string(0xffffffff) yields -1

The subject line says it all:

mysql_real_escape_string(0xffffffff) yields -1

What's up with that?

Is there some way to convince mysql_real_escape_string to use BIGINT?

I guess I'll just PCRE for digits and then pass it in and...

But what if somebody passes in some BC Math number?...

--
Some people ask for gifts here.
I just want you to buy an Indie CD for yourself:
http://cdbaby.com/search/from/lynch



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: mysql_real_escape_string(0xffffffff) yields -1

Richard Lynch wrote:
> The subject line says it all:
>
> mysql_real_escape_string(0xffffffff) yields -1
>
> What's up with that?
>
> Is there some way to convince mysql_real_escape_string to use BIGINT?
>
> I guess I'll just PCRE for digits and then pass it in and...
>
> But what if somebody passes in some BC Math number?...
>

Is this a 32 or 64 bit system?

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: mysql_real_escape_string(0xffffffff) yields -1

On Fri, 15 Jan 2010 16:22:46 -0600 (CST), "Richard Lynch" wrote:

> The subject line says it all:
>
> mysql_real_escape_string(0xffffffff) yields -1

Says nothing. Are you really asking PHP to convert an
integer literal to string before passing it to m_r_e_s?
That could easily explain the "-1", and I wouldn't be
the least bit surprised if the behaviour varies across
different versions of PHP.

> What's up with that?
>
> Is there some way to convince mysql_real_escape_string to use BIGINT?
>
> I guess I'll just PCRE for digits and then pass it in and...
>
> But what if somebody passes in some BC Math number?...

I think you are confused. mysql_real_escape_string() works
on strings and doesn't care how many 'f' there are or what
a BIGINT is. You're most likely passing "-1" to m_r_e_s.


/Nisse

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: mysql_real_escape_string(0xffffffff) yields -1

On Fri, Jan 15, 2010 at 3:22 PM, Richard Lynch wrote:
> The subject line says it all:
>
> mysql_real_escape_string(0xffffffff) yields -1
>
> What's up with that?
>
> Is there some way to convince mysql_real_escape_string to use BIGINT?
>
> I guess I'll just PCRE for digits and then pass it in and...
>
> But what if somebody passes in some BC Math number?...
>

Try passing it as a string literal, NOT a hexadecimal numeric literal.

mysql_real_escape_string('0xffffffff');

In case you haven't noticed, SQL statements are stored in strings.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: mysql_real_escape_string(0xffffffff) yields -1

LinuxManMikeC wrote:
> On Fri, Jan 15, 2010 at 3:22 PM, Richard Lynch wrote:
>> The subject line says it all:
>>
>> mysql_real_escape_string(0xffffffff) yields -1
>>
>> What's up with that?
>>
>> Is there some way to convince mysql_real_escape_string to use BIGINT?
>>
>> I guess I'll just PCRE for digits and then pass it in and...
>>
>> But what if somebody passes in some BC Math number?...
>>
>
> Try passing it as a string literal, NOT a hexadecimal numeric literal.
>
> mysql_real_escape_string('0xffffffff');
>
> In case you haven't noticed, SQL statements are stored in strings.

And mysql_real_escape_string() expects a string as an argument.

--
Thanks!
-Shawn
http://www.spidean.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php