Hi,
I developed a little plugin that creates a hook to take the data from CF7 and store it in a separate mySQL database (not the database associated with the wordpress site). It works fine without it, but when I tried applying mysqli_real_escape_string to the variables, the contact form hangs after pressing the submit button. Here is the relevant code:
`$con=mysqli_connect("localhost","user","pass","db");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// create post data variables
$name = $WPCF7_ContactForm->posted_data['name'];
$email = $WPCF7_ContactForm->posted_data['email'];
$phone = $WPCF7_ContactForm->posted_data['phone'];
$key = $WPCF7_ContactForm->posted_data['key'];
//escape strings for security
$name = $mysqli_real_escape_string($con, $name);
$email = $mysqli_real_escape_string($con, $email);
$phone = $mysqli_real_escape_string($con, $phone);
$key = $mysqli_real_escape_string($con, $key);
$sql="INSERT INTO leads ('Name', 'Email', 'Phone', 'Keywords')
VALUES ('$name', '$email', '$phone', '$key')";`
The code works fine without the escape strings, but not with them. How should I go about solving the problem?
