WOOOOOOHHHH no. This should not be done under any circumstance! This is a security break waiting to happen and should not continue. There is far too much at risk storing what you want to store, and since you cant get an insert statement to work, you do NOT have the knowledge on the other security aspects needed to do this type of thing. There are PCI compliance requirements, security requirements, hosting requirements, all of which you do not have enough knowledge of to store any kind of payment details. Use a service like Stripe and stop doing what you are trying to do for the sake of everyone that may use this!!!
I know that but it is required I too can’t help as I am working as per requirements. So please if anyone could try to see whats wrong or any suggestions for improvement in the code would be thankful.
start asking for errors:
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
and use Prepared Statements, it’s much clearer.