Data is not storing in mysql database table from PHP site

Question

I want to store that value in a database after computing the domain. I have done everything right as per my knowledge but data is not being sent to the table.

Note : My mysql server is in AWS and I've opened the mysql port

My code is below,

<?php
$con = mysqli_connect("localhost","user_name","passwd","db_name");
$sql = "INSERT INTO contact_form (name, mobile, email, message) VALUES ('".$_POST['name']."', '".$_POST['phone']."', '".$_POST['email']."', '".$_POST['message']."')";
if (mysqli_query($con, $sql)) {
    echo "New record created successfully";
$to = 'contact@xxx.com';
$subject = 'Contact Form';
$from = 'contact@xxx.com';

// To send HTML mail, the Content-type header must be set
$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";

// Create email headers
$headers .= 'From: '.$from."\r\n".
    'Reply-To: '.$from."\r\n" .
    'X-Mailer: PHP/' . phpversion();

// Compose a simple HTML email message
$message = '<html><body>';
$message .= '<h1 style="color:#f40;">Hi!</h1>';
$message .= '<p>Name :'. $_POST['name'] .' </p>';
$message .= '<p>Contact Number :'.$_POST['phone'] .'</p>';$message .= '<p>Email :'.$_POST['email'] .'</p>';

$message .= '<p>Message :'.$_POST['message'] .'</p>';
$message .= '</body></html>';

// Sending email
mail($to, $subject, $message, $headers);
} else {
    echo "Error: " . $sql . "<br>" . mysqli_error($con);
}
mysqli_close($con);

?>

Please help me out. I'm not good in mysql. Thanks in advance !!

Your code is open to [SQL injection](https://stackoverflow.com/q/332365/2469308) related attacks. Please learn to use [Prepared Statements](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) — Madhur Bhaiya, Nov 26 '18 at 11:07
@MadhurBhaiya Sure. I'll try to change the code later. Could you please help me out to fix the issue ? — Ahamed N, Nov 26 '18 at 11:14
Do you get an error? Have you made a debug output of the SQL query you assembled there, and checked it for correctness? — misorude, Nov 26 '18 at 11:18
@misorude I am totally agree with you, but when the query was successful in browser and I'm not getting output when i check in the database tables. Is there anything we need to allow in aws for mysql ? — Ahamed N, Nov 26 '18 at 11:19

score 2 · Accepted Answer · answered Nov 26 '18 at 11:23

Ahamed, first of all you need to check if you have set your $_POST and it is not empty. Then you need to assign this data to custom variables.

I hope it helps.

    $con = mysqli_connect("localhost","user_name","passwd","db_name");
    if (isset($_POST['name']) && isset($_POST['phone']) && isset($_POST['email']) && isset($_POST['message'])){
        $username = $_POST['name'];
        $phone = $_POST['phone'];
        $email = $_POST['email'];
        $message = $_POST['message'];
        $sql = "INSERT INTO contact_form (name, mobile, email, message) VALUES ('$username', '$phone', '$email', '$message')";
        $result = $con->query($sql);
    }

Hi @Johnny, thanks for your help! I tried as per ur suggestion but the input from URL is not reflecting in my localhost databse. What would be the issue ? — Ahamed N, Nov 26 '18 at 11:50

Data is not storing in mysql database table from PHP site

1 Answers1