mysql automatically cast strings to integer

Question

I\'ve just noticed that if I do a MySQL request like this one:

SELECT 1 FROM myTable WHERE id = \'asdf\'

Then the string \'asdf\' is casted

Answer 1

Just write your queries so that they don't use numeric fields as if they were textual ones.

If id is a numeric field, then your where clause can never be useful. Yes, it would be good if MySQL actively complained about it - but fundamentally you shouldn't be writing code which runs bad queries to start with.

How did that query enter your system? Is the 'asdf' part direct user input? Can you use parameterized SQL instead?

If you're genuinely intending to query a numeric field, you should make sure that your input is numeric first. Convert the text to an integer in your calling code, not in the database.