Hi all,
Using the highscore tutorial as a base I built a mysql table made up of 10 fields.
when the php sends the request to insert a new entry with only two fields filled:
$query = "INSERT INTO players values (NULL, '$name', '$construct');";
it returns a
QUERY FAILED: Column count doesn't match value count at row 1
It seems that adding entry needs all 10 fields, is this it ?
There are multiple ways to format INSERT statements. One is:
INSERT INTO mytable ('value1', 'value2', 'value3')
You must match the column counts here exactly.
Another is:
INSERT INTO mytable (column1, column2, column3) VALUES ('value1', 'value2', 'value3')
This lets you insert into only a select number of columns. Columns will skip will default to NULL, if they allow NULL values, or a default value (usually zero or an empty string).
The final is:
INSERT INTO mytable SET column1='value1', column2='value2', column3='value3'
Same thing, but better formatting because value/key pairs are grouped. I usually format as:
INSERT INTO mytable
SET
column1='value1'
,column2='value2'
,column3='value3'
Commas on following lines makes it easier to remember they’re there…
Thanks, that’s great help and I am getting closer, no more error but no insert yet.
So I think I need to escape strings I send to mySQL isn’t it. Am I right ?
INSERT INTO players SET name=laurent, construct=0 4 0 0 0 0 1 -0.5062456 0.05511785 -30.96062 1
0 4 0 0 0 0 1 -0.5062456 0.05511785 -35.4644 1
<?php
$db = mysql_connect('localhost', 'llavigne', '--') or die('COULD NOT CONNECT: ' . mysql_error());
mysql_select_db('llavigne') or die('COULD NOT SELECT DATABASE');
echo('SaveConstruct.php called :: ');
$name = 'anonymous';
$construct = '000';
$name = mysql_real_escape_string($_POST['name']);
$construct = mysql_real_escape_string ()$_POST['construct']);
$hash = mysql_real_escape_string ()$_POST['hash']);
$secretKey="--"; # Change this value to match the value stored in the client javascript below
$realHash = md5($name + $construct + $secretKey);
print "-name: " . $name . " -construct: " . $construct . " -hash: " . $hash . " -realHash: " . $realHash ."\n";
// if($realHash == $hash)
{
// Send variables for the MySQL database class.
$query = "INSERT INTO players SET name=".$name.", construct=".$construct;
print " QUERY : " . $query;
$result = mysql_query($query) or die("QUERY FAILED: " . mysql_error());
}
// else
// echo ('wrong hashhhh code');
?>
not sure but you surely should put the values / variables you assign into ‘’ like myvalue=‘$someString’
like this ?
$query = “INSERT INTO players SET name=‘$name’, construct=‘$construct’”;
It doesn’t do anything ie: the print returns nothing.
(php syntaxe is creative)
This is a string for an update “update table set column1=value… where…”
For an insert you have “insert into players (name,…) values (‘laurent’,…)”
YESSSSSSSSSSSS !!
It’s working !
The trouble came from a few weird typos which php doesn’t return any error for.
Thanks Dreamora amd Matt.
That isn’t really PHP syntax though, your query string is an SQL query for MySQL.
Also, were your errors that when you called the php function to escape using MySQL that you were passing blank strings instead of the POST data?
$name = 'anonymous';
$construct = '000';
$name = mysql_real_escape_string($_POST['name']);
$construct = mysql_real_escape_string ($_POST['construct']);
The first two lines never do anything because they are immediately replaced by the last two lines.