<?phpif (isset($_POST['create'])) { include "../db_conn.php"; function v

1. <?php
2.  
3. if (isset($_POST['create'])) {
4. include "../db_conn.php";
5. function validate($data){
6. $data = trim($data);
7. $data = stripslashes($data);
8. $data = htmlspecialchars($data);
9. return $data;
10. }
11.  
12. $customer_name = validate($_POST['customer_name']);
13. $customer_email = validate($_POST['customer_email']);
14. $customer_mobile = validate($_POST['customer_mobile']);
15. $poNum = validate($_POST['poNum']);
16. $site_name = validate($_POST['site_name']);
17. $street1 = validate($_POST['street1']);
18.  
19. $user_data = 'customer_name='.$customer_name.
20. '&customer_email='.$customer_email.
21. '&customer_mobile='.$customer_mobile.
22. '&poNum='.$poNum.
23. '&site_name='.$site_name.
24. '&street1='.$street1;
25.  
26. if (empty($customer_name)) {
27. header("Location: ../index.php?error=Name is required&$user_data");
28. }else if (empty($customer_email)) {
29. header("Location: ../index.php?error=Email is required&$user_data");
30. }else if (empty($customer_mobile)) {
31. header("Location: ../index.php?error=Mobile is required&$user_data");
32. }else if (empty($poNum)) {
33. header("Location: ../index.php?error=PO Num is required&$user_data");
34. }else if (empty($site_name)) {
35. header("Location: ../index.php?error=Site Name is required&$user_data");
36. }else if (empty($street1)) {
37. header("Location: ../index.php?error=Address is required&$user_data");
38. }else {
39.  
40. $sql = "INSERT INTO users(customer_name, customer_email, customer_mobile, poNum, site_name, street1)
41. VALUES('$customer_name', '$customer_email', '$customer_mobile',
42. '$poNum', '$site_name', '$street1')";
43. $result = mysqli_query($conn, $sql);
44. if ($result) {
45. header("Location: ../read.php?success=Successfully Created");
46. }else {
47. header("Location: ../index.php?error=Unknown error occurred&$user_data");
48. }
49. }
50. }
51.