1

I am having issues with my PHP code. I am trying to insert data into a mysql database using two session variables that I will need at a later time in the form. However whenever I submit the form I am returned with a "Unknown column in 'field list'" error. The code is lengthy but you will likely need all of it to understand the issue.

    <?php
        session_start();
// Check for hazards and put them in an array if there is one selected
if($_SERVER['REQUEST_METHOD'] == 'POST') {
require ('../mysqli_connect.php'); //connect to the db

//Check for offender first name
if (empty($_POST['pris_firstname'])) {
$errors[] = 'You forgot to enter offender first name.';
    } else {
        $prisf=$_POST['pris_firstname'];
    }   

//Check for offender last name
if (empty($_POST['pris_lastname'])) {
$errors[] = 'You forgot to enter offender last name.';
    } else {
        $prisl=$_POST['pris_lastname'];
    }           

//Check for offender date of birth
$dob = ($_POST['pris_dateofbirth']);


//Check for offender phone number
if (empty($_POST['pris_phonenum'])) {
$errors[] = 'You forgot to enter offender Phone Number.';
    } else {
        $prisphone=trim($_POST['pris_phonenum']);
    }           

//Check for offender address
if (empty($_POST['pris_address'])) {
$errors[] = 'You forgot to enter offender Address.';
    } else {
        //$prisaddress=trim($_POST['pris_address']);
        foreach($_POST["pris_address"] as $value) { 
        $prisaddress .= $value . '\n'; 
    } 
    }   



//Check for offender next of kin first name
if (empty($_POST['pris_kinfirstname'])) {
$errors[] = 'You forgot to enter next of kin first name.';
    } else {
        $kinfirst=trim($_POST['pris_kinfirstname']);
    }   

//Check for offender next of kin last name
if (empty($_POST['pris_kinlastname'])) {
$errors[] = 'You forgot to enter next of kin last name.';
    } else {
        $kinlast=trim($_POST['pris_kinlastname']);
    }           

//Check for offender next of kin phone number
if (empty($_POST['pris_kinphone'])) {
$errors[] = 'You forgot to enter next of kin area code.';
    } else {
        $kinphone=trim($_POST['pris_kinphone']);
    }           

if (empty($_POST['pris_kinrelation'])) {
$errors[] = 'You forgot to enter next of kin relation.';
    } else {
        $kinrelation=trim($_POST['pris_kinrelation']);
    }

//Check for offender next of kin address
if (empty($_POST['pris_kinaddress'])) {
$errors[] = 'You forgot to enter next of kin street address.';
    } else  {
                foreach($_POST["pris_kinaddress"] as $value2) { 
                $kinaddress .= $value2 . '\n'; 
            } 
            }                   
if (empty($errors)) { //if everyhing is ok
$q = "INSERT INTO prisoner_profile (pris_status, 
                                    pris_firstname, 
                                    pris_lastname, 
                                    pris_dateofbirth, 
                                    pris_phonenum, 
                                    pris_address, 
                                    pris_kinfirstname, 
                                    pris_kinlastname, 
                                    pris_kinphone, 
                                    pris_kinaddress, 
                                    pris_kinrelation
                                    ) VALUES (
                                    '$status', 
                                               ".$_SESSION['pris_firstname'].",  ".$_SESSION['pris_lastname'].",
                                    '$dob', 
                                    '$prisphone', 
                                    '$prisaddress', 
                                    '$kinfirst', 
                                    '$kinlast', 
                                    '$kinphone', 
                                    '$kinaddress', 
                                    '$kinrelation'
                                    )"; 
$r = @mysqli_query ($dbc, $q); //Run the query.

Hope someone can help!

Improve this question
3
  • What unknown column is it listing? Have you checked that all the columns in your query exist in the DB? Also, you need single quotes around where you insert the session values. Finally, your code is very vulnerable to SQL injection. You should read up on how to resolve this using mysqli Commented Feb 5, 2013 at 19:36
  • Thanks for the answers guys! I am painfully new at this stuff and will give it all a try. The odd thing is that if I change the session variable back to regular variable the query runs with no errors. I will keep working away at it! Commented Feb 6, 2013 at 13:26
  • Also if I change the double quotes around the session variables to single the page is a white screen of death Commented Feb 6, 2013 at 13:28

3 Answers 3

Reset to default
3

The error is pretty much self-explanatory, it means that you have got a column name wrong in your database. I recomend you echo out the error for your query just for this case as:

$r = mysqli_query ($dbc, $q) or die (mysqli_error());

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

That is what would seem to be the issue. However the "field" that it tells me is incorrect shows up as whatever I type into the form for taht variable. Also, the code work if I use only number in the First Name and Last Name fields. The actual field in my database ate both VARCHAR(30).
I figured it out, thanks so much to everyone! It was indeed linked to a typo, however I also changed the ".$_SESSION['pris_firstname']." to '$_SESSION[pris_firstname]' now it works perfectly! I will look into the sql injection problems!
2

One of the columns that are listed in your INSERT statement does not actually exist in the prisoner_profile. Check your table schema.

Improve this answer

Comments

1

The one obvious issue I can see here is that you haven't handled the escape characters in your query, and you have used a few \n characters in your code.

Use mysqli_real_escape_string to handle that when inputting the data to the database.

Something like

$q = mysqli_real_escape_string($q);
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.