0

I get HTTP ERROR 500 when I have my code configured like this:

$orderid = $_POST['OrderID'];
$email = $_POST['Buyer-Email'];
$warranty = $_POST['Warranty'];
$quantity = $_POST['Quantity'];
$subscription = $_POST['Subscription'];
$country = $_POST['Country'];
$product = $_POST['Product'];
$price = $_POST['Price'];
$type = $_POST['Type'];
$login = $_POST['Details-Email'];
$date = date("m/d/Y h:i:s a", time());

$sql = "INSERT INTO orders (orderid,email,product,warranty,quantity,country,subscription,price,time,type,logindetails) VALUES ('$orderid','$email','$product','$warranty','$quantity','$country','$subscription','$price','$date','$type','$login')";

if ($conn->query($sql) === TRUE) {
  echo "New record created successfully";
} else {
  echo "Error: " . $sql . "<br>" . $conn->error;
}

$conn->close();

And the database is set up like this:

enter image description here

I'm guessing I've misconfigured my database somehow. What am I doing wrong?

Edit: I was able to enable error messages with:

error_reporting(E_ALL);
ini_set('display_errors', 'On');

And I typed "conn" instead of "con"....

Sonalk
  • 79
  • 6
  • 1
    You don't have to guess - turn on php error reporting and find out the exact error. Or look in your log file, if logging is already enabled. And as per [ask], which you should already have read previously to now, please don't post images of code or data, they are very unhelpful to those trying to provide answers. – ADyson Feb 22 '22 at 18:48
  • There is probably an error message somewhere. If you are running the PHP code from your terminal, an error message probably appears there, or maybe it appears on the 500 error page? In any case, you'll want to find that as it probably points to the source of the problem. – Nathan Manousos Feb 22 '22 at 18:49
  • Sorry, I'll edit and paste the code. I read that you should edit the php.ini file to see error messages but I don't have such a file since it's a shared hosting provider (ProFreeHost). Can I enable it in htcaccess or add the php.ini file or something? – Sonalk Feb 22 '22 at 18:51
  • I was able to see errors with: error_reporting(E_ALL); ini_set('display_errors', 'On'); I think I got it from here. Thanks for the tip! – Sonalk Feb 22 '22 at 18:54
  • Also, your code is highly vulnerable to sql injection attacks, not to mention basic syntax errors - even a simple `'` in one of the input fields would break it right now! Wherever you learned to write your queries like that, please don't ever study anything from there again. Start learning how to execute queries correctly and safely using prepared statements and parameters. This can get you started: https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php – ADyson Feb 22 '22 at 19:09

0 Answers0