Reputation: 57
I have a script that creates the total of each row after adding the product, price, quantity, product width, product height in multiple records. When I enter the numeric values in all input fields including product name, the query runs and enters the records, but when I type an alphabetic product name, the query does not run.
<!DOCTYPE html>
<html>
<head>
    <title></title>
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
</head>
<body>
<form method="POST" action="">
    <table>
        <thead>
            <th>Product</th>
            <th>Price</th>
            <th>Quantity</th>
            <th>Width</th>
            <th>Height</th>
            <th>Total</th>
        </thead>
        <tbody id="product_table">
            <tr>
                <td><input type="text" name="product[]"></td>
                <td><input type="text" name="price[]"></td>
                <td><input type="text" name="quantity[]"></td>
                <td><input type="text" name="width[]" value="0"></td>
                <td><input type="text" name="height[]" value="0"></td>
                <td><input type="text" name="total[]" class="totalPrice" readonly></td>
            </tr>
            <tr>
                <td><input type="text" name="product[]"></td>
                <td><input type="text" name="price[]"></td>
                <td><input type="text" name="quantity[]"></td>
                <td><input type="text" name="width[]" value="0"></td>
                <td><input type="text" name="height[]" value="0"></td>
                <td><input type="text" name="total[]" class="totalPrice" readonly></td>
            </tr>
        </tbody>
        <button name="send">Submit</button>
    </table>
</form>
</body>
<?php
include('database.php');
if (isset($_POST['send'])) {
    $product = $_POST['product'];
    $price = $_POST['price'];
    $quantity = $_POST['quantity'];
    $width = $_POST['width'];
    $height = $_POST['height'];
    $total = $_POST['total'];
    $invoice_number = 1;
    for ($i = 0; $i < count($_POST['total']); $i++) {
        if ($i <> count($_POST['total'])) {
            $sql = "INSERT INTO invoice_order(invoice_number, product, price, quantity, width, height, total)
VALUES (".$invoice_number.",".$_POST['product'][$i].",".$_POST['price'][$i].",".$_POST['quantity'][$i].",".$_POST['width'][$i].",".$_POST['height'][$i].",".$_POST['total'][$i].")";
            $query = mysqli_query($connect, $sql);
        }
    }
    if ($query) {
        echo "Record inserted Successfully";
    } else {
        echo "Unable to insert Record";
    }
}
?>
<script>
const table = document.getElementById('product_table');
table.addEventListener('input', ({ target }) => {
    const tr = target.closest('tr');
    const [product, price, quantity, width, height, total] = tr.querySelectorAll('input');
    var size = width.value * height.value;
    var rate = price.value * quantity.value;
    var nameproduct = product.value;
    if (size != "") {
        total.value = size * rate;
    } else {
        total.value = rate;
    }
    totalPrice();
});
</script>
<style>
table, tr, td, th { border: 1px black solid; }
</style>
</html>
Upvotes: 0
Views: 486
Reputation: 3065
First things first. You should study SQL injection before you make this code go live.
Now your answer. You need to wrap your product parameter in single quotes, like:
$sql = "INSERT INTO invoice_order(invoice_number, product, price, quantity, width, height, total)
VALUES (".$invoice_number.",'".mysqli_real_escape_string($connect, $_POST['product'][$i])."',".$_POST['price'][$i].",".$_POST['quantity'][$i].",".$_POST['width'][$i].",".$_POST['height'][$i].",".$_POST['total'][$i].")";
Upvotes: 1
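The parameterised form of this insert, following the answer's pointer to SQL injection, as an added example that is not part of the original answer. It assumes `$connect` is the mysqli connection from the page's `database.php`; `collect_rows()` and `insert_rows()` are hypothetical helper names, and the total is recomputed on the server with the same rule as the page's JavaScript.

```php
<?php
// Added example, not the poster's code. Assumes $connect is the mysqli connection
// from the page's database.php; collect_rows()/insert_rows() are hypothetical names.
// Turn the parallel product[]/price[]/... arrays into validated rows.
function collect_rows(array $post): array
{
    $rows = [];
    foreach ($post['product'] ?? [] as $i => $name) {
        $name = is_string($name) ? trim($name) : '';
        if ($name === '') { continue; } // skip blank table rows
        $row = ['product' => $name];
        foreach (['price', 'quantity', 'width', 'height'] as $field) {
            $value = $post[$field][$i] ?? '';
            if (!is_numeric($value) || $value < 0) {
                throw new InvalidArgumentException("Row $i: $field must be a non-negative number");
            }
            $row[$field] = (float) $value;
        }
        // Recompute the total server-side; the posted total[] is client-controlled.
        $size = $row['width'] * $row['height'];
        $row['total'] = $row['price'] * $row['quantity'] * ($size > 0 ? $size : 1);
        $rows[] = $row;
    }
    return $rows;
}

// Insert every row through one prepared statement, all-or-nothing.
function insert_rows(mysqli $connect, int $invoiceNumber, array $rows): void
{
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on failure
    $stmt = $connect->prepare('INSERT INTO invoice_order
        (invoice_number, product, price, quantity, width, height, total) VALUES (?, ?, ?, ?, ?, ?, ?)');
    $connect->begin_transaction();
    try {
        foreach ($rows as $r) {
            $stmt->bind_param('isddddd', $invoiceNumber, $r['product'], $r['price'],
                $r['quantity'], $r['width'], $r['height'], $r['total']);
            $stmt->execute();
        }
        $connect->commit();
    } catch (Throwable $e) {
        $connect->rollback();
        throw $e;
    }
}
// Constructed sample input: the quote in the name is plain data to a bound parameter.
$sample = ['product' => ["O'Brien oak panel"], 'price' => ['12.50'], 'quantity' => ['2'],
           'width' => ['0'], 'height' => ['0']];
print_r(collect_rows($sample));
```

In the form handler the call would be `insert_rows($connect, 1, collect_rows($_POST));`.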