Reason:
prepare('INSERT INTO `Employee` (`Ename`, `Address`, `Phno`, `Salary`, `Category`, `Language`) VALUES (?, ?, ?, ?, ?, ?)'); $stmt->bind_param('sssdss', $ename, $address, $phno, $salary, $category, $languages); $stmt->execute(); $stmt->close(); display_success(); } } function display_employee_records($dbh) { $order_by = isset($_POST['order_by']) ? $_POST['order_by'] : 'Ename'; $desc_order = isset($_POST['desc_order']); $field_labels = [ 'EID' => 'Employee ID', 'Ename' => 'Name', 'Address' => 'Address', 'Phno' => 'Phone Number', 'Salary' => 'Salary', 'Category' => 'Category', 'Language' => 'Language' ]; $allowed_fields = array_keys($field_labels); if (!in_array($order_by, $allowed_fields)) display_failure('Invalid order_by field.'); $order_clause = $order_by . ($desc_order ? ' DESC' : ''); $result = $dbh->query('SELECT * FROM `Employee` ORDER BY ' . $order_clause); html_prologue('Employee Records'); ?>Path ' . htmlspecialchars($path) . ' was not found.