0

I am trying to insert a value to mysql database with mysqli but it is not inserting and no error.

When I submit my form it does not insert the data into database, and also no error in online.

Then it is working fine in local server and data inserted into database also. I do not know what is the problem? My PHP Code is here:

PHP CODE

<?php
session_start(); 
include_once('inc/dbConnect.inc.php');

if (isset($_POST['submit']))
{
    $emp_id = mysqli_real_escape_string($con,$_POST['emp_id']);
    $org_name = mysqli_real_escape_string($con,$_POST['org_name']);
    $org_type = mysqli_real_escape_string($con,$_POST['org_type']);
    $designation = mysqli_real_escape_string($con,$_POST['designation']);
    $mobile = mysqli_real_escape_string($con,$_POST['mobile']);
    $head_office = mysqli_real_escape_string($con,$_POST['head_office']);
    $main_site = mysqli_real_escape_string($con,$_POST['main_site']);
    $contact_name = mysqli_real_escape_string($con,$_POST['contact_name']);
    $position = mysqli_real_escape_string($con,$_POST['position']);
    $contact_mobile =mysqli_real_escape_string($con,$_POST['contact_mobile']);
    $contact_fax = mysqli_real_escape_string($con,$_POST['contact_fax']);
    $contact_tel_1 = mysqli_real_escape_string($con,$_POST['contact_tel_1']);
    $contact_tel_2 = mysqli_real_escape_string($con,$_POST['contact_tel_2']);
    $contact_email = mysqli_real_escape_string($con,$_POST['contact_email']);
    $website = mysqli_real_escape_string($con,$_POST['website']);
    $scope = mysqli_real_escape_string($con,$_POST['scope']);
    $site = mysqli_real_escape_string($con,$_POST['site']);
    $exclusions = mysqli_real_escape_string($con,$_POST['exclusions']);
    $justification = mysqli_real_escape_string($con,$_POST['justification']);
    $scheme = mysqli_real_escape_string($con,$_POST['scheme']);
    $accreditation = mysqli_real_escape_string($con,$_POST['accreditation']);
    $cer_oth_mngt_sys = mysqli_real_escape_string($con,$_POST['cer_oth_mngt_sys']);
    $cer_oth_mngt_sys_name = mysqli_real_escape_string($con,$_POST['cer_oth_mngt_sys_name']);
    $compliance = mysqli_real_escape_string($con,$_POST['compliance']);
    $language = mysqli_real_escape_string($con,$_POST['language']);
    $safety_condition = mysqli_real_escape_string($con,$_POST['safety_condition']);
    $outsource_process = mysqli_real_escape_string($con,$_POST['outsource_process']);
    $desc_tech_resource = mysqli_real_escape_string($con,$_POST['desc_tech_resource']);
    $consultancy = mysqli_real_escape_string($con,$_POST['consultancy']);
    $self_prepare = mysqli_real_escape_string($con,$_POST['self_prepare']);
    $date_of_audit = mysqli_real_escape_string($con,$_POST['date_of_audit']);
    $time_of_audit = mysqli_real_escape_string($con,$_POST['time_of_audit']);
    $name_of_cb = mysqli_real_escape_string($con,$_POST['name_of_cb']);
    $latest_audit = mysqli_real_escape_string($con,$_POST['latest_audit']);
    $transfer_reason = mysqli_real_escape_string($con,$_POST['transfer_reason']);
    $ems_or_ohsas = mysqli_real_escape_string($con,$_POST['ems_or_ohsas']);
    $obligations = mysqli_real_escape_string($con,$_POST['obligations']);
    $incident = mysqli_real_escape_string($con,$_POST['incident']);
    $otherinfo = mysqli_real_escape_string($con,$_POST['otherinfo']);
    $attach_list = mysqli_real_escape_string($con,$_POST['attach_list']);

    $reg_no = mysqli_real_escape_string($con,$_POST['reg_no']);
    $gst_no = mysqli_real_escape_string($con,$_POST['gst_no']);
    $tan_no = mysqli_real_escape_string($con,$_POST['tan_no']);
    $acc_name = mysqli_real_escape_string($con,$_POST['acc_name']);
    $contact_no = mysqli_real_escape_string($con,$_POST['contact_no']);
    $main_site1 = mysqli_real_escape_string($con,$_POST['main_site1']);
    $contact_email1 = mysqli_real_escape_string($con,$_POST['contact_email1']);

    $target_dir = "uploads/client/";
    $legalfile = $target_dir . basename($_FILES["legalfile"]["name"]);
    $cbfile = $target_dir . basename($_FILES["cbfile"]["name"]);
    $reportfile = $target_dir . basename($_FILES["reportfile"]["name"]);
    $addisofile = $target_dir . basename($_FILES["addisofile"]["name"]);
    $billfile = $target_dir . basename($_FILES["billfile"]["name"]);
    $attachfile = $target_dir . basename($_FILES["attachfile"]["name"]);

    $uploadOk = 1;

    $check = getimagesize($_FILES["legalfile"]["tmp_name"]);
    $check1 = getimagesize($_FILES["cbfile"]["tmp_name"]);
    $check2 = getimagesize($_FILES["reportfile"]["tmp_name"]);
    $check3 = getimagesize($_FILES["addisofile"]["tmp_name"]);

    $insquery = "INSERT INTO client_application(emp_id,org_name,org_type,designation,mobile,head_office,main_site,contact_name,position,contact_mobile,contact_fax,contact_tel_1,contact_tel_2,contact_email,website,scope,site,exclusions,justification,scheme,accreditation,cer_oth_mngt_sys,cer_oth_mngt_sys_name,legalfile,compliance,language,safety_condition,outsource_process,desc_tech_resource,consultancy,self_prepare,date_of_audit,time_of_audit,name_of_cb,cbfile,latest_audit,reportfile,transfer_reason,ems_or_ohsas,obligations,addisofile,incident,otherinfo,attach_list,reg_no,gst_no,tan_no,acc_name,contact_no,main_site1,contact_email1,billfile,attachfile) VALUES('".$emp_id."','".$org_name."','".$org_type."','".$designation."','".$mobile."','".$head_office."','".$main_site."','".$contact_name."','".$position."','".$contact_mobile."','".$contact_fax."','".$contact_tel_1."','".$contact_tel_2."','".$contact_email."','".$website."','".$scope."','".$site."','".$exclusions."','".$justification."','".$scheme."','".$accreditation."','".$cer_oth_mngt_sys."','".$cer_oth_mngt_sys_name."','".$legalfile."','".$compliance."','".$language."','".$safety_condition."','".$outsource_process."','".$desc_tech_resource."','".$consultancy."','".$self_prepare."','".$date_of_audit."','".$time_of_audit."','".$name_of_cb."','".$cbfile."','".$latest_audit."','".$reportfile."','".$transfer_reason."','".$ems_or_ohsas."','".$obligations."','".$addisofile."','".$incident."','".$otherinfo."','".$attach_list."','".$reg_no."','".$gst_no."','".$tan_no."','".$acc_name."','".$contact_no."','".$main_site1."','".$contact_email1."','".$billfile."','".$attachfile."')";
    $result = mysqli_query($con,$insquery);

    if ($result) {   
        header("Location:view_application.php"); 
    } else { 
        echo ucwords("Form submission error"); 
    }
}
?>
Nic3500
  • 8,144
  • 10
  • 29
  • 40
Kalai Shruthi
  • 21
  • 1
  • 4
  • 3
    You are wide open for SQL injection. Since you're using mysqli, take advantage of [prepared statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and [bind_param](http://php.net/manual/en/mysqli-stmt.bind-param.php). **This will take care of any pesky quoting issues that may occur.** – aynber May 30 '18 at 13:33
  • Check for [mysqli errors](http://php.net/manual/en/mysqli.error.php) after your query to get the error from MySQL. – aynber May 30 '18 at 13:34
  • Possible duplicate of [How to get MySQLi error information in different environments](https://stackoverflow.com/questions/22662488/how-to-get-mysqli-error-information-in-different-environments) – Progman May 30 '18 at 15:39
  • Thank you @aynber i got my mistake – Kalai Shruthi May 30 '18 at 16:44

0 Answers0