0

I have SQL syntax:

$input = mysql_query("INSERT INTO member (id_member, fullname, username, password, email, phone, ktp, address) VALUES ('$idm', '$fullname','$username', '$password', '$email', '$phone', '$ktp', '$address')") or die ("Error..".mysql_error());

When I'm running this code i got an error like this (Column doesn't match value count at row 1).

Improve this question
4
  • 3
    $address perhaps having single quote in the string, so better start using prepared statement. Commented Jun 12, 2015 at 8:18
  • Can you edit your question and show the value of all 8 variables? Commented Jun 12, 2015 at 8:19
  • Can you echo out the statement and port the result. I t looks like you have a ',' in your variables. Commented Jun 12, 2015 at 8:20
  • 1
    Stop using deprecated mysql_* API. Use mysqli_*or PDO with prepared statement. Commented Jun 12, 2015 at 8:21

1 Answer 1

Reset to default
-1

single quotation mark '' does not parse the variable rather than send whatever inside as it is, so basically you insert a string valued $idm itself instead of its value. So what you need is to make the variable out of the string.

$input = mysql_query("INSERT INTO member (id_member, fullname, username, password, email, phone, ktp, address) VALUES ('".$idm."', '".$fullname."','".$username."', '".$password."', '".$email".', '".$phone."', '".$ktp."', '".$address."')") or die ("Error..".mysql_error());
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Do you mind adding a common warning about SQL injection?

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.