The insert query is not working. and unable to locate the error as well

Question

I have issue with the query. i don't know why its not working, it always shows , there is an error, and do not insert data into table, although it is collecting data from form. there is no error or warning notification but it chooses the else option from if condition and does not insert data into table, don't know why.

<?php

 $con=mysqli_connect('localhost','root','','flentox');
 if(mysqli_connect_error($con))
 {
 echo   "there is an error in connection";
 }

$fname=$_POST['fname'];

$lname=$_POST['lname'];
$email=$_POST['email'];
$phone=$_POST['phone'];
$area=$_POST['select'];
$address=$_POST['address'];
$eaddress=$_POST['eaddress'];



$query= mysqli_query($con, "INSERT INTO order(Fname,Lname,Email,Phone,Area,Address,Eaddress) VALUES(`$fname`,`$lname`,`$email`,`$phone`,`$area`,`$address`,`$eaddress`)");

   if ($query) {
    echo "order confirm";

}
else  {
echo    "There is an error";
}

?>

Anna Gabrielyan · Answer 1 · 2017-02-13T18:34:11.983

Your query is not correct, you don't need to use ( `` ) in VALUES. Don't forget to check if your values is empty or not. So if there is no data has come from $_POST, your query also will be crashed. Also don't forget about SQL injections. It is not recommended to insert $_POST or $_GET data immediately in query. Use Prepared Statements.

Try this.

$fname = (empty($_POST['fname']) ? 'default value' : $_POST['fname']);
.......... (for other params too).


"INSERT INTO order (`Fname`,`Lname`,`Email`,`Phone`,`Area`,`Address`,`Eaddress`) 
    VALUES('".$fname."','".$lname."','".$email."','".$phone."','".$area."','".$address."','".$eaddress."')";

Also to show your errors, run this code at the very top of the php file -

error_reporting(1);

no error or warning but still no insertion of data. there is an error — Zain, Feb 13 '17 at 18:47

The insert query is not working. and unable to locate the error as well

1 Answers1