Problem with form database connectivity

You’re inserting raw POST data straight into an SQL query – sanitize, sanitize, sanitize! The code below should get you started, but I would advise you add some additional checks (is the email valid? are the strings too long? etc.):

<?php

$errors =
$values = array();

if ( isset( $_POST['Submit'] ) ) {
    $fields = array(
        'firstNametxt',
        'lastNametxt',
        'email',
        'query',
    );

    foreach ( $fields as $field ) {
        if ( isset( $_POST[ $field ] ) ) { // Never assume a POST field will be set
            // Ensure the value is a string, POST data can be an array if the user is meddling
            $value = ( string ) $_POST[ $field ];

            // Strip slashes that WordPress adds
            $value = wp_unslash( $value );

            // Remove trailing/preceding whitespace
            $value = trim( $value );

            // Core WordPress function to check for invalid UTF-8, strip tags, remove line breaks etc.
            $value = sanitize_text_field( $value );
        } else {
            $value="";
        }

        if ( ! $value )
            $errors[ $field ] = 'This field is required.';
        else
            $values[ $field ] = $value;
    }

    if ( ! $errors ) {
        $wpdb->insert(
            $wpdb->prefix . 'contactus',
            $values,
            '%s'
        );
    }
}

?>

<?php if ( $errors ) : ?>

    <p>Please ensure all fields are completed.</p>

<?php endif ?>

<form method="post">
    FirstName <input type="text" name="firstNametxt" value="" /><br/>
    LastName   <input type="text" name="lastNametxt" value="" /><br/>
    email <input type="text" name="email" value="" /><br/>
    Query <input type="text" name="query" value="" /><br/>
    <input name="Submit" type="submit" value="Submit">
</form>

And read up on the codex for safely inserting into tables using wpdb::insert()

Related Posts:

  1. phpMyAdmin – Error > Incorrect format parameter?
  2. Difference between partition key, composite key and clustering key in Cassandra?
  3. How SID is different from Service name in Oracle tnsnames.ora
  4. What is a relation in database terminology?
  5. Why is my database import losing text widget data?
  6. Why WordPress choose data serialization over json_encode?
  7. Are There Any Plans for WordPress to Support Databases Other Than MySQL?
  8. Reset Post IDs to less than 64bit integer
  9. how can get database name in wordpress?
  10. Does WordPress use the InnoDB engine for MySQL by default?
  11. $wpdb->prepare() warning in WordPress 3.5
  12. Best way to import users, post and categories from an external database
  13. Performance tips for a large user base [closed]
  14. How to delete outdated, wrongly sized images in _wp_attachment_metadata?
  15. Long option names fail silently?
  16. wp_options is GB in size
  17. Can’t update database after wordpress update from 3.8.1 to 4.4.1
  18. Upload files – total size limit – WordPress/Contact Form 7
  19. Relationship between performance and database size
  20. Why does WordPress rely on an fully qualified site_url with a 15-step plan for moving a site?
  21. WordPress and automated MySQL backups to a different host
  22. Scheduling posts in database
  23. Size article thumbnails and retrieve them directly from database
  24. Should I be able to run two different “close” code versions of wordpress with the same DB
  25. how to store arrays into a database
  26. How can I create a Bible search engine via WordPress? [closed]
  27. Error establishing a database connection; After importing DB & Theme
  28. Where are WP_Errors Saved
  29. Get all images from this database table
  30. Delete transients in website
  31. Error establishing database connection – high traffic?
  32. wp_get_current_user always returns 0 continued
  33. Bulk-create posts from SQL database
  34. I am switching laptops. I host my WP server through MAMP. I want to transfer [closed]
  35. How can i customize the export personal data file?
  36. Is there a solution to auto-post data to a WP post from a database
  37. Auto login subdomain from main domain on single sites with different DB
  38. Cleanup: best way to remove WooCommerce comments from the wp_comments table
  39. Logins from WP users table use on another page
  40. How can I show related posts from multiple separate installations
  41. Uknown meta entries in wp_postmeta
  42. Error establishing a database connection problem in xampp saver
  43. WordPress site URL changed; how to fix it without database access?
  44. I’m not able to get access to $wpdb [duplicate]
  45. Create table with dbDelta,can’t put any DEFAULT data
  46. WordPress database connection [closed]
  47. Changing between Local Host DB to Production DB and in reverse
  48. Bulk Updating Post Date in 1 day Increments
  49. What is the purpose of the “term_id” column in the “wp_term_taxonomy” table?
  50. Query Column of Specific ID from Database Table
  51. Posting variables to WP database using $_POST method
  52. Link image with data from the wpdb
  53. Update multiple rows in one query
  54. Storing user submitted forms [closed]
  55. User Tracking for Custom Post Type “Lesson”. Database Queries and Performance
  56. Understanding WordPress Search
  57. Re-creating a WordPress database
  58. contact form-7 drop downs not populating database [closed]
  59. Cloning blog to localhost via WAMP
  60. Export WP Subsite DB Fully Ready for Import Elsewhere
  61. Sed Command Not Writing Changes to SQL file
  62. How do I get database rows from a custom table using wpdb?
  63. Realtime database update from 3rd party apps (notion, airtable, sheet, etc)
  64. Join Query on WP_USERMETA Table
  65. Error during installation (DB)
  66. WordPress Settings API Overrides My Previous Value
  67. Move Non-WordPress users table to WordPress database
  68. How to check and get json object in WP database?
  69. Is there an actual way to synchronize ‘production’ and ‘develop’ WordPress databases?
  70. Lost database connection
  71. How to force set same page as homepage and blogpage in static page settings
  72. Getting values from form and saving in database but spaces are inserted instead of form values
  73. is it possible to install new WordPress in an old WordPress folder?
  74. Can someoene please help with customization of a post?
  75. Exporting Post ID, Post Title, Primary Category and Primary Category ID
  76. how restrict user to give star ratings once for a post?
  77. HELP $q=mysql_query($sel) or die(mysql_error()) HELP
  78. Updating Posts table in database without overwriting user generated content
  79. WordPress credentials not matched
  80. How to set posts to draft in bulk based on the content of the post
  81. 2 $wpdb queries causing error Table ‘wp_postmeta’ is specified twice, both as a target for ‘UPDATE’
  82. Confused over wp-config.php and ‘database user + database password + name’
  83. Change Domain name in database
  84. WordPress character set issue
  85. Copy WordPress to new directory
  86. Link wordpress with a SQl + MongoDB + .NET
  87. What am I doing wrong here? WordPress database error
  88. Why is converting my database to UTF-8 truncating entries?
  89. How can I work on a database along side a client?
  90. Download user generated data from WordPress
  91. /var/run/mysqld/mysqld.sock
  92. WordPress site seems convinced that it’s still at its old URL
  93. Database question while Migrating from one domain to another on same WebHost [Bluehost]
  94. Media Library won’t recognize SOME old files after move
  95. export individual posts to text files or a single csv file
  96. How can I rebuild my websites while I don’t have databases?
  97. SQL query to rewrite all media URLs to end with .webp
  98. wp-config was suddenly updated
  99. Weird WP -Cli Error Connection Refused
  100. How to find fresh (last modified) and sql backup?