
Here is my HTML code, and there is PHP code too.

I have included both of my files and I've tried almost all options. I know all my locations are correct, so I've hidden those; other than that, everything is there in the code.

<!DOCTYPE html>
<html>
<head>
    <title> CK EDITOR </title>
    <link rel="stylesheet" type="text/css" href="bootstrap/css/bootstrap.min.css">
    <link rel="stylesheet" type="text/css" href="fontawesome/fontawesome-free-5.0.6/web-fonts-with-css/css/fontawesome.min.css">
    <script src="ckeditor/ckeditor/ckeditor.js" type="text/javascript" ></script>
</head>
<body>
    <br>
    <a class="btn btn-success" href="textareaNB.php"> Home </a>
    <a class="btn btn-success" href="ListNB.php">Lists</a>
    <br><br>
    <form action="add.php" method="POST" enctype="multipart/form-data">
        <textarea class="ckeditor" id="editor"></textarea>
        <br>
        <button type="submit" name="submit" class="btn btn-success">submit</button>

    </form>
</body>
</html>

<?php

// The session must be started before any output or redirect header is sent.
session_start();

$path = 'location';   // real path hidden by the author
include($path);
include 'textareaNB.php';

// $username is expected to be set by one of the included files.
if (!$username) {
    header("Location: http://localhost/Project/signupnb.php");
    exit();
}

$user = $_SESSION['user'];

if (isset($_POST['submit'])) {
    $date  = date("Y/M/D");
    $entry = $_POST['editor'];   // reads the POST field named "editor"

    $conn2 = mysqli_connect("localhost", "root", "") or die(mysqli_connect_error());
    mysqli_select_db($conn2, "editor") or die("cannot connect to the database");

    // $user, $entry and $date are concatenated directly into the query string.
    mysqli_query($conn2, "INSERT INTO `editornb` (`user_uid`, `content`, `date`) values ('" . $user . "','" . $entry . "','" . $date . "')");
    print '<script> alert("Successfully Inserted!!!");</script>';
    print '<script> window.location.assign("http://localhost/Project/projectNB.php");</script>';
} else {
    header("Location: http://localhost/Project/projectNB.php");
    exit();
}
2 Answers


change:

<textarea class="ckeditor" id="editor"></textarea>

to:

<textarea class="ckeditor" name="editor" id="editor"></textarea>

What version of PHP are you using, by the way? If you're not using PHP 5.4.0+, add the code below. This will reverse the auto-escaping of data from the $_ variables.

if (get_magic_quotes_gpc()) {
    $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
    while (list($key, $val) = each($process)) {
        foreach ($val as $k => $v) {
            unset($process[$key][$k]);
            if (is_array($v)) {
                $process[$key][stripslashes($k)] = $v;
                $process[] = &$process[$key][stripslashes($k)];
            } else {
                $process[$key][stripslashes($k)] = stripslashes($v);
            }
        }
    }
    unset($process);
}

You have no name for your textarea, so its content will not be passed to your PHP file.

Change:

<textarea class="ckeditor" id="editor"></textarea>

To:

<textarea class="ckeditor" id="editor" name="editor"></textarea>

To prevent SQL injection, port to a prepared statement:

Replace:

mysqli_query($conn2, "INSERT INTO `editornb` (`user_uid`, `content`, `date`) values ('" . $user . "','" . $entry . "','" . $date . "')");
print '<script> alert("Successfully Inserted!!!");</script>';
print '<script> window.location.assign("http://localhost/Project/projectNB.php");</script>';

With:

$stmt = mysqli_prepare($conn2, "INSERT INTO `editornb` (`user_uid`, `content`, `date`) values (?, ?, ?);");
if ($stmt === false) {
    die("prepare failed: " . mysqli_error($conn2));
}
// "iss": user_uid is bound as an integer, content and date as strings
mysqli_stmt_bind_param($stmt, "iss", $user, $entry, $date);
$er = mysqli_stmt_execute($stmt);

if ($er === true) {
    print '<script> alert("Successfully Inserted!!!");</script>';
    print '<script> window.location.assign("http://localhost/Project/projectNB.php");</script>';
}