How to mysql_real_escape_string a zero

Question

I'm trying to input a phone number from a html form to my MySQL database with mysql_real_escape_string. The number is 0123456789, but it's written as 23456789 in my database. Does anyone know how to insert that zero along with the other numbers in my database, or if there is any way to break the form value in to characters then input them one by one into my MySQL db?

Here's my code that doesn't input the zero:

<?php
$Phone = mysql_real_escape_string($_POST['phone']);
mysql_query("INSERT INTO `user` (`phone`) VALUES ('{$Phone}')");
?>

Answer 1

That has nothing to do with escaping. You need to store the value as a string, not an integer, if you want to maintain leading zeros.

Answer 2

You should change data type to varchar(10) and if you will want later to process it as number just parse it from string. Number 01xxx doesn't exist in databases.

Answer 3

PHP is loosely typed. Assuming the phone field is being stored as a VARCHAR / CHAR and not a numeric datatype, the escape string is doing what it should. PHP will see the data in the $_POST variable as an integer, and will truncate the 0 at the front before passing it to the mysql_real_escape_string() function. If you modify the argument to ( '' . $_POST['phone'] ), it will cast to a string and work as intended.

<?php 
    $phone = mysql_real_escape_string( '' . $_POST['phone'] );