I will try one more time with this version. I’m still questioning that $db is set and your session values. I’ve tested this with both types of connections below.
<?php
$host = "localhost";
//Database user name.
$login = "";
//Database Password.
$dbpass = "";
//Database name.
$dbname = "";
$db = mysqli_connect("$host", "$login", "$dbpass", "$dbname");
?>
AND
<?php
$host = "localhost";
//Database user name.
$login = "";
//Database Password.
$dbpass = "";
//Database name.
$dbname = "";
$db = new mysqli("$host", "$login", "$dbpass", "$dbname");
?>
And the page with an extra check for $_SESSION[‘username’] before query as I’ve still not heard from you that you are sure these session values are set. I’ve left the query for rank in the script as the top condition is now looking for a rank of partner or admin.
<?php
session_start();
include ("config.php");
if(isset($_SESSION['rank']) && ($_SESSION['rank'] == "partner" || $_SESSION['rank'] == "admin")){}else{
header("location: ../index.php");
exit;
}
include ("menu.php");
include ("header.php");
if(isset($_POST['submit']))
{
$c_name = trim($_POST['channel_name']);
$v_link = trim($_POST['video_link']);
$v_title = trim($_POST['video_title']);
$v_desc = trim($_POST['video_description']);
$v_tags = trim($_POST['video_tags']);
$m_sources = trim($_POST['music_sources']);
$s_requests = trim($_POST['special_requests']);
if(empty($c_name) || empty($v_link) || empty($v_title) || empty($v_desc) || empty($v_tags))
{
echo 'You must fill in the first 5 fields.';
}
else
{
if(!isset($_SESSION['username'])){
echo 'Session is not set';
}else{
$username = mysqli_real_escape_string ($db, $_SESSION['username']);
$query = "SELECT rank FROM users WHERE username = '$username'";
$getRank = $db->query($query) or die(mysqli_error($db));
$row = $getRank->fetch_assoc();
$rank = $row['rank'];
$rank = mysqli_real_escape_string ($db, $rank);
$c_name = mysqli_real_escape_string ($db, $c_name);
$v_link = mysqli_real_escape_string ($db, $v_link);
$v_title = mysqli_real_escape_string ($db, $v_title);
$v_desc = mysqli_real_escape_string ($db, $v_desc);
$v_tags = mysqli_real_escape_string ($db, $v_tags);
$m_sources = mysqli_real_escape_string ($db, $m_sources);
$s_requests = mysqli_real_escape_string ($db, $s_requests);
$sql ="INSERT INTO submitted_forms (`username`,`rank`,`channel_username`,`video_link`,`video_title`,`video_description`,`video_tags`,`music_sources`,`special_requests`) VALUES ('$username','$rank','$c_name','$v_link','$v_title','$v_desc','$v_tags','$m_sources','$s_requests')";
//echo $sql;
$db->query($sql) or die(mysqli_error($db));
echo 'Form submitted successfully.';
}
}
}
?>
<form action="" method="post">
<p>Channel name <input type="text" name="channel_name" required>*</p>
<p>Video Link <input type="text" name="video_link" required>*</p>
<p>Video Title <input type="text" name="video_title" required>*</p>
<p>Video Description <input type="text" name="video_description" required>*</p>
<p>Video Tags <input type="text" name="video_tags" required>*</p>
<p>Music Sources <input type="text" name="music_sources"></p>
<p>Special Requests <input type="text" name="special_requests"></p>
<br></br>
<p><input type="submit" name="submit" value="Submit"></p>
</form>
</body>
</html>