Need helps

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
xbear1982
Forum Newbie
Posts: 9
Joined: Sun Aug 18, 2013 10:50 pm

Need helps

Post by xbear1982 »

Hi Guys
I am new to study on php, I need to ask any one please give me some advise in the following code

Code: Select all

<?php
$con=mysqli_connect("localhost","root","01959719","aqurium");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }


$ID=$_POST['ID']; 
 $FirstName=$_POST['FirstName']; 
 
 mysql_select_db("aqurium") or die(mysql_error()); 
 mysql_query("INSERT INTO `employee` VALUES ('$ID', '$FirstName')"); 


if (!mysqli_query($con,$sql))
  {
  die('Error: ' . mysqli_error($con));
  }
echo "1 record added";

mysqli_close($con);
?> 
it come up with this error:
Error: Column count doesn't match value count at row 1
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: Need helps

Post by Celauran »

You've got a mix of mysql_ and mysqli_ in there. mysql_ has been deprecated; don't use it. You're passing unescaped data directly into your query. This is not safe at all. Sanitize your inputs or, better, make use of prepared statements. Finally, you've specified the values but not the columns. If you have more than just those two columns in your database table, MySQL won't know what goes where and will complain.

Try something like this:

Code: Select all

<?php

$sql = new PDO('mysql:host=localhost;dbname=aqurium', 'username', 'password');

if (!empty($_POST)) {
	$query = "INSERT INTO `employee` (`ID`, `First_Name`) VALUES (:id, :first_name)";
	$stmt = $sql->prepare($query);
	$stmt->execute(array(':id' => $_POST['ID'], ':first_name' => $_POST['FirstName']));
}
xbear1982
Forum Newbie
Posts: 9
Joined: Sun Aug 18, 2013 10:50 pm

Re: Need helps

Post by xbear1982 »

Thank you very much, I will tried it out.
akhilesh1010
Forum Newbie
Posts: 15
Joined: Thu Aug 22, 2013 1:56 am

Re: Need helps

Post by akhilesh1010 »

Remove single quote from variables in query then try .
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: Need helps

Post by requinix »

akhilesh1010 wrote:Remove single quote from variables in query then try .
The quotes are necessary.
Post Reply