Debug PDO mySql insert NULL into database instead of empty

Question

I am trying to dynamically insert \'NULL\' into the database using PDO.

TABLE STRUCTURE:

CREATE TABLE IF NOT EXISTS `Fixes` (
  `Id` int(11) NOT NULL         


        

Answer 1

This appears to me to be a(n unreported?) bug in PDO's prepared statement emulation:

1. the implementation of PDOStatement::execute() eventually invokes pdo_parse_params();

2. that, in turn, attempts to quote/escape values based on the relevant parameter's data type (as indicated by the $data_type arguments to PDOStatement::bindValue() and PDOStatement::bindParam()—all parameters provided as $input_parameters to PDOStatement::execute() are treated as PDO::PARAM_STR, as stated in the documentation of that function);

3. string-typed values are escaped/quoted by calling the relevant database driver's quoter() method irrespective of whether they are null: in the case of PDO_MySQL, that's mysql_handle_quoter(), which (eventually) passes the value to either mysqlnd_cset_escape_quotes() or mysql_cset_escape_slashes(), depending on the server's NO_BACKSLASH_ESCAPES SQL mode;

4. given a null argument, both of those functions return an empty string.

My opinion is that, prior to switching on the parameter's type (in step 2 above), pdo_parse_params() should set the type to PDO::PARAM_NULL if the value is null. However, some might argue that this would prevent type-specific handling of null values where appropriate, in which case the string case (in step 3 above) should definitely handle null values before proceeding with a call to the driver's quoter() method.

As an interim workaround, disabling prepared statement emulation is usually for the best anyway:

$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, FALSE);