Having an issue with PHP - MYSQL query. "Column count doesn't match value count at row 1"

TheMechanic · February 26, 2015, 9:49am

Hello,

I am having an issue with my form submission. I have read all related posts but none of them really solved my issue. I have triple checked the number of fields and values and they match 100%. I would really appreciate if someone can help me out.

This is the message I get: Issue with DB query. “Column count doesn’t match value count at row 1”

$table="bayi_basvuru";
$sql="INSERT INTO bayi_basvuru(
            company_name,
            city,
            operation_area,
            authorized_person,
            authorized_email,
            authorized_tel,
            company_url,
            created_at
        )VALUES(
            '{$_POST["company_name"]}',
            '{$_POST["city"]}',               ----------> This is a select field
            '{$_POST["operation_area"]}'    ----------> This is also a select field           
            '{$_POST["authorized_person"]}',
            '{$_POST["authorized_email"]}',
            '{$_POST["authorized_tel"]}',
            '{$_POST["company_url"]}',
            NOW()
        )";
    }

davidtsadler · February 26, 2015, 2:40pm

Your example is missing a comma. I don’t know if it was lost when the code was pasted into the forum or if is missing in the original but it needs to be,

'{$_POST["operation_area"]}',

TheMechanic · February 26, 2015, 6:12pm

OMG thanks a lot. After 7 hours straight I might have been hallucinating or something.

SpacePhoenix · February 26, 2015, 7:29pm

You need to be using prepared statements as that query is wide open to SQL Injection attack

Mittineague · February 26, 2015, 7:44pm

Another example of why @r937 's oft suggested “leading comma” format is a good idea eg.

$sql="INSERT INTO bayi_basvuru(
            company_name
           , city
           , operation_area
           , authorized_person
           , authorized_email
           , authorized_tel
           , company_url
           , created_at
        )VALUES(
            '{$_POST["company_name"]}'
           , '{$_POST["city"]}'               ----------> This is a select field
           , '{$_POST["operation_area"]}'    ----------> This is also a select field           
            '{$_POST["authorized_person"]}'
           , '{$_POST["authorized_email"]}'
           , '{$_POST["authorized_tel"]}'
           , '{$_POST["company_url"]}'
           , NOW()
        )";
    }

r937 · February 26, 2015, 8:20pm

[quote=“Mittineague, post:5, topic:113959”]
Another example of why @r937 's oft suggested “leading comma” format is a good idea [/quote]

thank you so much for the support

i am still deeply wounded by losing the overall battle with sitepoint’s book editor regarding coding style, which resulted in all the code samples in my book being butchered…

… but i am happy to say that i won the fight over the leading comma, even despite disagreement by Joe Celko, technical reviewer of the book

it remains my steadfast belief that any coder, of any computer language, who has ever used a text editor to perform operations like deleting an entire line of code, will, once the advantages are seen, gladly embrace the leading comma convention

TheMechanic · February 27, 2015, 11:42am

Hello SpacePhoenix,

Thanks for the warning. I have just started learning PHP and never used prepared statements before. Would you be able to recommend any tutorials on this feature?

Thanks…

SpacePhoenix · February 27, 2015, 7:23pm

Are you using PDO to access the MySQL database?

TheMechanic · February 27, 2015, 7:44pm

No. I am using mysqli_connect.

system · May 30, 2015, 2:52am

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.