SQL Insert error

ace2109 · 5 Aug 2014 at 21:12

Hi Guys,
I keep getting this error in a form that is suppose to insert data into a database table. Any ideas?

Could not enter data: Column count doesn't match value count at row 1

It is being inserted into a database called team_bnlproductions and into a table called hdd_archive

PHP:

<html>
<head>
<title>Add New Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['add']))
{
$dbhost = 'localhost';
$dbuser = '****';
$dbpass = '****';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
  die('Could not connect: ' . mysql_error());
}

if(! get_magic_quotes_gpc() )
{
   $hdd_name = addslashes ($_POST['hdd_name']);
   $date_archived = addslashes ($_POST['date_archived']);
   $project_name = addslashes ($_POST['project_name']);
   $archived_by = addslashes ($_POST['archived_by']);
   $other_information = addslashes ($_POST['other_information']);
}
else
{
   $hdd_name = $_POST['hdd_name'];
   $date_archived = $_POST['date_archived'];
   $project_name = $_POST['project_name'];
   $archived_by = $_POST['archived_by'];
   $other_information = $_POST['other_information'];
}

$sql = "INSERT INTO hdd_archive ".
       "(hdd_name,date_archived,project_name,archived_by,other_information) ".
       "VALUES('$hdd_name','$date_archived','$project_name','$archived_by','$other_information', NOW())";
mysql_select_db('team_bnlproductions');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
  die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">Hard Drive Name</td>
<td><input name="hdd_name" type="text" id="hdd_name"></td>
</tr>
<tr>
<td width="100">Date Archived</td>
<td><input name="date_archived" type="text" id="date_archived"></td>
</tr>
<tr>
<td width="100">Project Name	</td>
<td><input name="project_name" type="text" id="project_name"></td>
</tr>
<tr>
<td width="100">Archived By</td>
<td><input name="archived_by" type="text" id="archived_by"></td>
</tr>
<tr>
<td width="100">Other Information</td>
<td><input name="other_information" type="text" id="other_information"></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="add" type="submit" id="add" value="Submit Entry">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>

Haircut · 5 Aug 2014 at 21:15

You appear to be setting a timestamp in the values that isn't in the list of columns in your insert statement.

kaku · 5 Aug 2014 at 21:54

Magic quotes feature has been removed from PHP since version 5.4, so I wouldn't rely on it at all (even if it's enabled on your version of PHP, it's still not secure).

Take a look at data sanitation via RegEx; or even better, use a more up-to-date database interface like PDO or MySQLi that support prepared statements. It's far more secure, and since the code is very clearly structured it should be easier to debug.

LePhuronn · 4 Sep 2014 at 17:23

You're specifying 5 columns to receive data, but supplying 6 columns of actual data.

i.e. you've not given a column name for your NOW() timestamp