Column count doesn't match value count at row 1
Heb de volgende code gebruikt:
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
<?php
include_once "connect_to_mysql.php";
if (isset($_POST['username'])){
$username = $_POST['username'];
$country = $_POST['country'];
$state = $_POST['state'];
$city = $_POST['city'];
$your_age = $_POST['your_age'];
$adress1 = $_POST['adress1'];
$looking_for = $_POST['looking_for'];
$sexual_orientation = $_POST['sexual_orientation'];
$living_in = $_POST['living_in'];
$accounttype = $_POST['accounttype'];
$email = $_post['email'];
$password = $_POST['password'];
$humancheck = $_POST['humancheck'];
$username = stripslashes($username);
$country = stripslashes($country);
$state = stripslashes($state);
$city = stripslashes($city);
$your_age = stripslashes($your_age);
$adress1 = stripslashes($adress1);
$looking_for = stripslashes($looking_for);
$sexual_orientation = stripslashes($sexual_orientation);
$living_in = stripslashes($living_in);
$accounttype = stripslashes($accounttype);
$email = stripslashes($email);
$password = stripslashes($password);
$username = strip_tags($username);
$country = strip_tags($country);
$state = strip_tags($state);
$city = strip_tags($city);
$your_age = strip_tags($your_age);
$adress1 = strip_tags($adress1);
$looking_for = strip_tags($looking_for);
$sexual_orientation = strip_tags($sexual_orientation);
$living_in = strip_tags($living_in);
$accounttype = strip_tags($accounttype);
$email = strip_tags($email);
$password = strip_tags($password);
$sql_email_check = mysql_query("SELECT id FROM meetyourpal WHERE email='$email'");
$email_check = mysql_num_rows($sql_email_check);
if((!$username) || (!$country) || (!$state) || (!$city) || (!$your_age) || (!$sexual_orientation) || (!$adress1) || (!$looking_for) || (!$living_in) || (!$accounttype) || (!$email) || (!$password)){
$errorMsg = "You did not submit the following required information!<br /><br />";
if(!$username){
$errorMsg .= '* username<br />';
} if(!$country){
$errorMsg .= '* country<br />';
} if(!$adress1){
$errorMsg .= '* adress1<br />';
} if(!$state){
$errorMsg .= '* state<br />';
} if(!$city){
$errorMsg .= '* city<br />';
} if(!$your_age){
$errorMsg .= '* your_age<br />';
} if(!$looking_for){
$errorMsg .= '* looking_for<br />';
} if(!$sexual_orientation){
$errorMsg .= '* sexual_orientation<br />';
} if(!$living_in){
$errorMsg .= '* living_in<br />';
} if(!$accounttype){
$errorMsg .= '* accounttype<br />';
} if(!$email){
$errorMsg .= '* email<br />';
} if(!$password){
$errorMsg .= '* password<br />';
}
}
$sql_username_check = mysql_query("SELECT id FROM meetyourpal WHERE username='$username' LIMIT 1");
$username_check = mysql_num_rows($sql_username_check);
if ($username_check > 0){
$errorMsg = "<u>ERROR:</u>Your User Name is already in use inside our system. Please try another.<br />";
} else if ($email_check > 0){
$errorMsg = "<u>ERROR:</u>Your Email address is already in use inside our system. Please try another.<br />";
} else if ($human_check!=""){
$errorMsg = "ERROR The human check field must be cleared to be sure you are human<br/>";
} else {
$username = mysql_real_escape_string($username);
$country = mysql_real_escape_string($country);
$state = mysql_real_escape_string($state);
$city = mysql_real_escape_string($city);
$your_age = mysql_real_escape_string($your_age);
$adress1 = mysql_real_escape_string($adress1);
$looking_for = mysql_real_escape_string($looking_for);
$sexual_orientation = mysql_real_escape_string($sexual_orientation);
$living_in = mysql_real_escape_string($living_in);
$accounttype = mysql_real_escape_string($accounttype);
$email = mysql_real_escape_string($email);
$username = ereg_replace("[^A-Za-z0-9]", "", $_POST['username']);
$country = ereg_replace("[^A-Z a-z0-9]", "", $_POST['country']);
$state = ereg_replace("[^A-Z a-z0-9]", "", $_POST['state']);
$city = ereg_replace("[^A-Z a-z0-9]", "", $_POST['city']);
$your_age = ereg_replace("[^A-Z a-z0-9]", "", $_POST['your_age']);
$adress1 = ereg_replace("[^A-Z a-z0-9]", "", $_POST['adress1']);
$looking_for = ereg_replace("[^A-Z a-z0-9]", "", $_POST['looking_for']);
$sexual_orientation = ereg_replace("[^A-Z a-z0-9]", "", $_POST['sexual_orientation']);
$living_in = ereg_replace("[^A-Z a-z0-9]", "", $_POST['living_in']);
$accounttype = ereg_replace("[^a-z]", "", $_POST['accounttype']);
$email = stripslashes($_POST['email']);
$password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password']);
$hashedPass = md5($password);
$sql = mysql_query("INSERT INTO meetyourpal (username, adress1, country, state, city, your_age, looking_for, sexual_orientation, living_in, accounttype, email, password)
VALUES('$username','$adress1','$country','$state','$city','$your_age','$looking_for','$sexual_orientation','$living_in','$accounttype','$email','$hashedPass', now())") or die (mysql_error());
$id = mysql_insert_id();
mkdir("members/$id", 0755);
$to = "$email";
$from = "[email protected]";
$subject = "Complete your registration";
$message = '<html>
<body bgcolor="#FFFFFF">
Hi ' . $username . ',
<br /><br />
You must complete this step to activate your account with us.
<br /><br />
Please click here to activate now >>
<a href="activation.php?id=' . $id . '&sequence=$db_password">
ACTIVATE NOW</a>
<br /><br />
Your Login Data is as follows:
<br /><br />
E-mail Address: ' . $email . ' <br />
Password: ' . $password . '
<br /><br />
See you at our site!!!!!
Thanks!
</body>
</html>';
$headers = "From: $from\r\n";
$headers .= "Content-type: text/html\r\n";
$to = "$to";
mail($to, $subject, $message, $headers);
print "<br /><br /><br /><h4>OK $firstname, one last step to verify your email identity:</h4><br />
We just sent an Activation link to: $email<br /><br />
<strong><font color=\"#990000\">Please check your email inbox in a moment</font></strong> to click on the Activation <br />
Link inside the message. After email activation you can log in.";
exit();
}
} else {
$errorMsg = "Fields marked with an [*] are required.";
$username = "";
$country = "";
$state = "";
$city = "" ;
$your_age = "";
$adress1 = "";
$looking_for = "";
$sexual_orientation = "";
$living_in = "";
$accounttype = "";
$email = "";
$password = "";
}
?>
include_once "connect_to_mysql.php";
if (isset($_POST['username'])){
$username = $_POST['username'];
$country = $_POST['country'];
$state = $_POST['state'];
$city = $_POST['city'];
$your_age = $_POST['your_age'];
$adress1 = $_POST['adress1'];
$looking_for = $_POST['looking_for'];
$sexual_orientation = $_POST['sexual_orientation'];
$living_in = $_POST['living_in'];
$accounttype = $_POST['accounttype'];
$email = $_post['email'];
$password = $_POST['password'];
$humancheck = $_POST['humancheck'];
$username = stripslashes($username);
$country = stripslashes($country);
$state = stripslashes($state);
$city = stripslashes($city);
$your_age = stripslashes($your_age);
$adress1 = stripslashes($adress1);
$looking_for = stripslashes($looking_for);
$sexual_orientation = stripslashes($sexual_orientation);
$living_in = stripslashes($living_in);
$accounttype = stripslashes($accounttype);
$email = stripslashes($email);
$password = stripslashes($password);
$username = strip_tags($username);
$country = strip_tags($country);
$state = strip_tags($state);
$city = strip_tags($city);
$your_age = strip_tags($your_age);
$adress1 = strip_tags($adress1);
$looking_for = strip_tags($looking_for);
$sexual_orientation = strip_tags($sexual_orientation);
$living_in = strip_tags($living_in);
$accounttype = strip_tags($accounttype);
$email = strip_tags($email);
$password = strip_tags($password);
$sql_email_check = mysql_query("SELECT id FROM meetyourpal WHERE email='$email'");
$email_check = mysql_num_rows($sql_email_check);
if((!$username) || (!$country) || (!$state) || (!$city) || (!$your_age) || (!$sexual_orientation) || (!$adress1) || (!$looking_for) || (!$living_in) || (!$accounttype) || (!$email) || (!$password)){
$errorMsg = "You did not submit the following required information!<br /><br />";
if(!$username){
$errorMsg .= '* username<br />';
} if(!$country){
$errorMsg .= '* country<br />';
} if(!$adress1){
$errorMsg .= '* adress1<br />';
} if(!$state){
$errorMsg .= '* state<br />';
} if(!$city){
$errorMsg .= '* city<br />';
} if(!$your_age){
$errorMsg .= '* your_age<br />';
} if(!$looking_for){
$errorMsg .= '* looking_for<br />';
} if(!$sexual_orientation){
$errorMsg .= '* sexual_orientation<br />';
} if(!$living_in){
$errorMsg .= '* living_in<br />';
} if(!$accounttype){
$errorMsg .= '* accounttype<br />';
} if(!$email){
$errorMsg .= '* email<br />';
} if(!$password){
$errorMsg .= '* password<br />';
}
}
$sql_username_check = mysql_query("SELECT id FROM meetyourpal WHERE username='$username' LIMIT 1");
$username_check = mysql_num_rows($sql_username_check);
if ($username_check > 0){
$errorMsg = "<u>ERROR:</u>Your User Name is already in use inside our system. Please try another.<br />";
} else if ($email_check > 0){
$errorMsg = "<u>ERROR:</u>Your Email address is already in use inside our system. Please try another.<br />";
} else if ($human_check!=""){
$errorMsg = "ERROR The human check field must be cleared to be sure you are human<br/>";
} else {
$username = mysql_real_escape_string($username);
$country = mysql_real_escape_string($country);
$state = mysql_real_escape_string($state);
$city = mysql_real_escape_string($city);
$your_age = mysql_real_escape_string($your_age);
$adress1 = mysql_real_escape_string($adress1);
$looking_for = mysql_real_escape_string($looking_for);
$sexual_orientation = mysql_real_escape_string($sexual_orientation);
$living_in = mysql_real_escape_string($living_in);
$accounttype = mysql_real_escape_string($accounttype);
$email = mysql_real_escape_string($email);
$username = ereg_replace("[^A-Za-z0-9]", "", $_POST['username']);
$country = ereg_replace("[^A-Z a-z0-9]", "", $_POST['country']);
$state = ereg_replace("[^A-Z a-z0-9]", "", $_POST['state']);
$city = ereg_replace("[^A-Z a-z0-9]", "", $_POST['city']);
$your_age = ereg_replace("[^A-Z a-z0-9]", "", $_POST['your_age']);
$adress1 = ereg_replace("[^A-Z a-z0-9]", "", $_POST['adress1']);
$looking_for = ereg_replace("[^A-Z a-z0-9]", "", $_POST['looking_for']);
$sexual_orientation = ereg_replace("[^A-Z a-z0-9]", "", $_POST['sexual_orientation']);
$living_in = ereg_replace("[^A-Z a-z0-9]", "", $_POST['living_in']);
$accounttype = ereg_replace("[^a-z]", "", $_POST['accounttype']);
$email = stripslashes($_POST['email']);
$password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password']);
$hashedPass = md5($password);
$sql = mysql_query("INSERT INTO meetyourpal (username, adress1, country, state, city, your_age, looking_for, sexual_orientation, living_in, accounttype, email, password)
VALUES('$username','$adress1','$country','$state','$city','$your_age','$looking_for','$sexual_orientation','$living_in','$accounttype','$email','$hashedPass', now())") or die (mysql_error());
$id = mysql_insert_id();
mkdir("members/$id", 0755);
$to = "$email";
$from = "[email protected]";
$subject = "Complete your registration";
$message = '<html>
<body bgcolor="#FFFFFF">
Hi ' . $username . ',
<br /><br />
You must complete this step to activate your account with us.
<br /><br />
Please click here to activate now >>
<a href="activation.php?id=' . $id . '&sequence=$db_password">
ACTIVATE NOW</a>
<br /><br />
Your Login Data is as follows:
<br /><br />
E-mail Address: ' . $email . ' <br />
Password: ' . $password . '
<br /><br />
See you at our site!!!!!
Thanks!
</body>
</html>';
$headers = "From: $from\r\n";
$headers .= "Content-type: text/html\r\n";
$to = "$to";
mail($to, $subject, $message, $headers);
print "<br /><br /><br /><h4>OK $firstname, one last step to verify your email identity:</h4><br />
We just sent an Activation link to: $email<br /><br />
<strong><font color=\"#990000\">Please check your email inbox in a moment</font></strong> to click on the Activation <br />
Link inside the message. After email activation you can log in.";
exit();
}
} else {
$errorMsg = "Fields marked with an [*] are required.";
$username = "";
$country = "";
$state = "";
$city = "" ;
$your_age = "";
$adress1 = "";
$looking_for = "";
$sexual_orientation = "";
$living_in = "";
$accounttype = "";
$email = "";
$password = "";
}
?>
Waar moet ik de fout zoeken? Kan iemand mij een hint geven?
Alvast bedankt,peter
Dit stuk is fout, tel je kolommen maar eens na
Code (php)
1
2
2
"INSERT INTO meetyourpal (username, adress1, country, state, city, your_age, looking_for, sexual_orientation, living_in, accounttype, email, password)
VALUES('$username','$adress1','$country','$state','$city','$your_age','$looking_for','$sexual_orientation','$living_in','$accounttype','$email','$hashedPass', now())"
VALUES('$username','$adress1','$country','$state','$city','$your_age','$looking_for','$sexual_orientation','$living_in','$accounttype','$email','$hashedPass', now())"
Gewijzigd op 17/01/2011 22:06:09 door Jasper DS
Script is lek => sql-injection.
santhe wil zeggen gebruik mysql_real_escape_sring() rond je input
dank je jasper, dat ene probleem is opgelost nu krijg ik de melding "Unknown column 'adress1' in 'field list",hij staat in de code, hij staat in het invul formulier en in de database. Wat nu?
Ik weet niet of het helpt maar address is met dubbel d en dubbel s.
Controleer de indeling anders (met DESCRIBE meetyourpal)