<?php
$servername = "localhost";
$dbname = "jibhires_d1";
$username = "jibhires_sam";
$password = "mmXI!i$zIH3c";
$api_key_value = "tPmAT5Ab3j7F911";
$api_key= $dev_id = $temp = $hum = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $api_key = test_input($_POST["api_key"]);
    if($api_key == $api_key_value) {
        $dev_id = test_input($_POST["dev_id"]);
        $temp = test_input($_POST["loc_temp"]);
        $hum = test_input($_POST["loc_hum"]);

        // Create connection
        $conn = new mysqli($servername, $username, $password, $dbname);
        // Check connection
        if ($conn->connect_error) {
            die("Connection failed: " . $conn->connect_error);
        }

        $sql = "INSERT INTO hum_temp_data (dev_id, loc_temp, loc_hum)
        VALUES ('" . $dev_id . "', '" . $temp . "', '" . $hum . "')";

        if ($conn->query($sql) === TRUE) {
            echo "New record created successfully";
        }
        else {
            echo "Error: " . $sql . "<br>" . $conn->error;
        }

        $conn->close();
    }
    else {
        echo "Wrong API Key provided.";
    }

}
else {
    echo "No data posted with HTTP POST.";
}

function test_input($data) {
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;
}