Related
require('config.php');
$sql = sprintf(
"INSERT INTO users (fname,lname,email,contact,pwd,isTeacher ) VALUES ('%s', '%s', '%s', '%s', '%s', '%s')",
$conn->real_escape_string($fname),
$conn->real_escape_string($lname),
$conn->real_escape_string($email),
$conn->real_escape_string($contact),
$conn->real_escape_string($pwd),
$isTeacher );
$conn->query($sql);
// $sql = "INSERT INTO users (fname, lname, email, contact, pwd, isTeacher) VALUES ('$fname, '$lname', '$email', '$contact, '$pwd', '$isTeacher')";
// $conn->query($sql);
if($conn=='true') { echo "Registered successfully";}
else{ echo "Issue entereing data" . $conn->error; }
}
I am trying to add data in users table. if I add data using sprintf, it works and adds just fine. but when I add using commented out syntax, it says check MariaDb syntax to use near '$fname'. What am I doing wrong in the second syntax. why do i have to use sprintf always.
I'm getting this error:
Column count doesn't match value count at row 1
From the following code:
$name = $_GET['name'];
$description = $_GET['description'];
$shortDescription = $_GET['shortDescription'];
$ingredients = $_GET['ingredients'];
$method = $_GET['method'];
//$image = $_GET['image'];
$username = $_GET['username'];
$length = $_GET['length'];
$dateAdded = uk_date();
$conn = mysql_connect('localhost', 'dbname', 'pass');
mysql_select_db('dbname');
$query = sprintf("INSERT INTO dbname (id, Name, Description, shortDescription, Ingredients, Method, Length, dateAdded, Username) VALUES ('', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
mysql_real_escape_string($name),
mysql_real_escape_string($description),
mysql_real_escape_string($shortDescription),
mysql_real_escape_string($ingredients),
//mysql_real_escape_string($image),
mysql_real_escape_string($length),
mysql_real_escape_string($dateAdded),
mysql_real_escape_string($username));
$result = mysql_query($query) or die(mysql_error());
What does the error mean?
You have 9 fields listed, but only 8 values. Try adding the method.
The number of column parameters in your insert query is 9, but you've only provided 8 values.
INSERT INTO dbname (id, Name, Description, shortDescription, Ingredients, Method, Length, dateAdded, Username) VALUES ('', '%s', '%s', '%s', '%s', '%s', '%s', '%s')
The query should omit the "id" parameter, because it is auto-generated (or should be anyway):
INSERT INTO dbname (Name, Description, shortDescription, Ingredients, Method, Length, dateAdded, Username) VALUES ('', '%s', '%s', '%s', '%s', '%s', '%s', '%s')
Your query has 8 or possibly even 9 variables, ie. Name, Description etc. But the values, these things ---> '', '%s', '%s', '%s', '%s', '%s', '%s', '%s')", only total 7, the number of variables have to be the same as the values.
I had the same problem but I figured it out. Hopefully it will also work for you.
I'm trying to make a registration page but PHP is telling me that I have the wrong parameters, which doesn't make sense unless I need to add a parameter for the auto-incremental primary ID key.
Here's my SQL query call:
mysql_query("INSERT INTO Users (username, password, fname, lname, email) VALUES ('%s', '%s', '%s', '%s, '%s')",
mysql_real_escape_string($username),
mysql_real_escape_string($password),
mysql_real_escape_string($first),
mysql_real_escape_string($last),
mysql_real_escape_string($email)) or die(mysql_error());
It gives me the wrong paramater count on the last line in this code block. Any ideas? I copied and pasted the row-names straight from my database.
my table is as follows:
id - int(11) - auto-incrementing
username - varchar(20)
password - varchar(20)
fname - varchar(35)
lname - varchar(35)
email - varchar(254)
You have formatted the SQL query as a sprintf() call, but don't call sprintf()
mysql_query(sprintf("INSERT INTO Users (username, password, fname, lname, email) VALUES ('%s', '%s', '%s', '%s', '%s')",
mysql_real_escape_string($username),
mysql_real_escape_string($password),
mysql_real_escape_string($first),
mysql_real_escape_string($last),
mysql_real_escape_string($email))) or die(mysql_error());
// also note some parentheses out of place ^^^^^^^^^^^^^^^^^^^^^^^^
It's PHP that's telling you off about parameters, not MySQL.
You've tried to use mysql_query like sprintf, which it is not. mysql_query accepts an optional database resource identifier, and the query string. Two parameters. That is all.
If you do want to use sprintf, then go for it:
mysql_query(
sprintf(
"INSERT INTO Users (username, password, fname, lname, email) VALUES ('%s', '%s', '%s', '%s, '%s')",
mysql_real_escape_string($username),
mysql_real_escape_string($password),
mysql_real_escape_string($first),
mysql_real_escape_string($last),
mysql_real_escape_string($email)
)
) or die(mysql_error());
But remember that the first argument to mysql_query is just a string. No magic.
mysql_query(
sprintf("INSERT INTO Users (username, password, fname, lname, email) VALUES ('%s', '%s', '%s', '%s, '%s')",
mysql_real_escape_string($username),
mysql_real_escape_string($password),
mysql_real_escape_string($first),
mysql_real_escape_string($last),
mysql_real_escape_string($email)))
or die(mysql_error()); // sprintf to build a final string of your query by given format and "or die statement" is outside the mysql_query function call.
I'm getting this error:
Column count doesn't match value count at row 1
From the following code:
$name = $_GET['name'];
$description = $_GET['description'];
$shortDescription = $_GET['shortDescription'];
$ingredients = $_GET['ingredients'];
$method = $_GET['method'];
//$image = $_GET['image'];
$username = $_GET['username'];
$length = $_GET['length'];
$dateAdded = uk_date();
$conn = mysql_connect('localhost', 'dbname', 'pass');
mysql_select_db('dbname');
$query = sprintf("INSERT INTO dbname (id, Name, Description, shortDescription, Ingredients, Method, Length, dateAdded, Username) VALUES ('', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
mysql_real_escape_string($name),
mysql_real_escape_string($description),
mysql_real_escape_string($shortDescription),
mysql_real_escape_string($ingredients),
//mysql_real_escape_string($image),
mysql_real_escape_string($length),
mysql_real_escape_string($dateAdded),
mysql_real_escape_string($username));
$result = mysql_query($query) or die(mysql_error());
What does the error mean?
You have 9 fields listed, but only 8 values. Try adding the method.
The number of column parameters in your insert query is 9, but you've only provided 8 values.
INSERT INTO dbname (id, Name, Description, shortDescription, Ingredients, Method, Length, dateAdded, Username) VALUES ('', '%s', '%s', '%s', '%s', '%s', '%s', '%s')
The query should omit the "id" parameter, because it is auto-generated (or should be anyway):
INSERT INTO dbname (Name, Description, shortDescription, Ingredients, Method, Length, dateAdded, Username) VALUES ('', '%s', '%s', '%s', '%s', '%s', '%s', '%s')
Your query has 8 or possibly even 9 variables, ie. Name, Description etc. But the values, these things ---> '', '%s', '%s', '%s', '%s', '%s', '%s', '%s')", only total 7, the number of variables have to be the same as the values.
I had the same problem but I figured it out. Hopefully it will also work for you.
Ok, when trying to insert into the database I'm getting this error
"You have an error in your SQL syntax;
check the manual that corresponds to
your MySQL server version for the
right syntax to use near '#email.com,
UT, 84505, NOW(), 69.169.186.192)' at
line 1"
I can't figure out the problem. Here is the code for my insert statement.
$insert_query = sprintf("INSERT INTO contacts (first_name, last_name, email, state, zip, date, ip) VALUES (%s, %s, %s, %s, %s, NOW(), %s)",
$fname,
$lname,
$email,
$state,
$zip,
$ip);
$result = mysql_query($insert_query, $connection) or die(mysql_error());
My table has the following structure:
id int(11)
first_name varchar(100)
last_name varchar(100)
email varchar(100)
state varchar(3)
zip int(10)
date datetime
ip varchar(255)
You need to quote all the string-type columns in the insert statement. Replace %s with '%s' in the sprintf format.
Please read about SQL Injection if you haven't done so already.
This may help you..
$insert_query = "INSERT INTO contacts set first_name = '$fname', last_name = '$lname', email = '$email', state = '$state', zip = '$zip', date = ". time() .", ip = '$ip')";
$result = mysql_query($insert_query, $connection) or die(mysql_error());
if you want to check query
echo $insert_query;
It would help if you could echo out the $insert_query, but it looks like you're not putting quotes around the parameters that are varchars.
$insert_query = sprintf("INSERT INTO contacts (first_name, last_name, email, state, zip, date, ip) VALUES ('%s', '%s', '%s', '%s', '%s', NOW(), '%s')",
$fname,
$lname,
$email,
$state,
$zip,
$ip);
By the way, you have an extra column in your insert - NOW doesn't appear related to a column.
I'm assuming ZIP is a varchar column, not a number, by the way.