mysql query data insertion through php

Question

<?php
$servername = "localhost";
$username = "root";
$password = "";
$database = "test";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $database);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
echo "Connected successfully";
$value1=$_POST['txtname'];
$value2=$_POST['cellnumber'];
$value3=$_POST['dist'];
$value4=$_POST['specialization'];
$value5=$_POST['membername'];
$value6=$_POST['date'];
$sql = "INSERT INTO students (StudentName, CellNumber, District, Specialization, PromotionMember, Date)
VALUES ('$value1', '$value2', '$value3', '$value4', '$value5', '$value6')";
if (!mysqli_query($sql)) { 
die ('Error: ' . mysql_error());
}
else
{ 
echo ("معلومات ارایه شده شما ثبت شد");
header("Location: register.html");
}
mysqli_close();
?>

connection is successfull but data insertion is getting error on line 23 which is (if (!mysqli_query($sql)) { ) enter image description here

Answer 1

Your query doesn't run because you are using the MySQLi function wich need 2 parameters to execute your query.

So instead of

mysqli_query($sql)

you have to do:

mysqli_query($conn, $sql)

Your code also looks vulnerable to SQL Injections, so you want to know how to escape the strings in MySQLi. I recommend you to use prepared statements. I hope this will help!

Answer 2

Try this code...

$sql = "INSERT INTO students (StudentName,CellNumber, District, Specialization, PromotionMember,      Date)VALUES ('$value1', '$value2', '$value3', '$value4', '$value5', '$value6')";
$q=mysqli_query($conn,$sql);
if (!$q) { 
die ('Error: ' . mysqli_error($conn));
}else{header("Location: register.html");}

Answer 3

Try This code..

$sql = "INSERT INTO students (StudentName, CellNumber, District, Specialization, PromotionMember, Date)
VALUES ('$value1', '$value2', '$value3', '$value4', '$value5', '$value6')";
$qw=mysqli_query($conn,$sql);

if($qw)

{

header("Location: register.html");

}