If you look at the documentation at http://ca.php.net/manual/en/function.mysql-query.php , you can see that your mysql query function should be referenced to a variable, and then the variable is checked to see what the result was.



// Perform Query

$result = mysql_query($query);



// Check result

// This shows the actual query sent to MySQL, and the error. Useful for debugging.

if (!$result) {

$message = 'Invalid query: ' . mysql_error() . "\n";

$message .= 'Whole query: ' . $query;

die($message);

}



Also, checking to see if your email value is populated will not tell you if your mail function actually worked.

Try removing the single quotes from the first part of the query. Also the double quote (or is it 2 single quotes?) in the middle of the query shouldn't be there:



Like this:

$query = "INSERT INTO contacts(customerid, name, homeadd, fishpondadd, mobile, inquire, email)

VALUES ('{$_POST['name']}', '{$_POST['homeadd']}', '{$_POST['fishpondadd']}', '{$_POST['mobile']}', '{$_POST['inquire']}', '{$_POST['email']}')";



Also you are running the query twice.. you don't need the line:



mysql_query($query); // remove this line



You only need these lines:



if (!mysql_query($query,$con))

{

die('Error: ' . mysql_error());

}





You should also insert some error checking to make sure the database was selected correctly. Replace this line:



mysql_select_db("tambocom_tambo", $con); // remove this line



with these lines:



if(!mysql_select_db("tambocom_tambo", $con)) {

die("Unable to select database");

}



Apart from that your code is extremely vulnerable to SQL injection attacks.. you need to sanitize your $_POST values by running them through the mysql_real_escape_string function before passing through mysql_query.. e.g.



// do this for every value that must be sent to the database (use the sanitized variables in mysql_query).

$name = mysql_real_escape_string($_POST['name']);

// etc..



You should then validate each variable (before sending them to mysql_query) to make sure they are the right format (e.g. number or string, the right length etc). This will also add some extra security to the query.

1. When writing a new question that revises a previous question, please do NOT delete the old one. Either leave it alone or just add a comment to it. Some of us actually do go back to our previous answers to check for updates. Thanks.



2. As stated in the answers to your other questions, you don't need single quotes in your column list.



3. You don't need to include the auto-number field in your insert statement, so you can take that out.



4. Why are you running mysql_query twice? Remove the first one.