forked from SujitSingh11/Exam-IN
-
Notifications
You must be signed in to change notification settings - Fork 2
/
contact_us_form.php
28 lines (25 loc) · 1.11 KB
/
contact_us_form.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
<?php
include_once 'db/database.php';
session_start();
// Escape all $_POST variables to protect against SQL injections
$first_name = mysqli_real_escape_string($conn,$_POST['fname']);
$last_name = mysqli_real_escape_string($conn,$_POST['lname']);
$email = mysqli_real_escape_string($conn,$_POST['cemail']);
$message = mysqli_real_escape_string($conn,$_POST['message']);
if (isset($_POST['phone'])) {
$phone = mysqli_real_escape_string($conn,$_POST['phone']);
// Inserting record into database
$sql = "INSERT INTO contact_us (first_name, last_name, email, phone, message)
VALUES ('$first_name','$last_name','$email','$phone','$message')";
}else {
$sql = "INSERT INTO contact_us (first_name, last_name, email, message)
VALUES ('$first_name','$last_name','$email','$message')";
}
if ($query=mysqli_query($conn,$sql)) {
$_SESSION['message'] = 'Your Query has been submited.! <br> You will hear from us soon.';
header("location: success.php");
}else{
$_SESSION['message'] = 'We are facing some technical problems right now <br> Please try again later.';
header("location: error.php");
}
?>