PHP code not inserting the values in the mysql database?

PHP code not inserting the values in the mysql database?

This is the php code im using to insert values in the database. There
seems to be no PHP error. Its just that the code is not inserting the
values in the table... Can u guys just help me out? Got a project to
submit... I hav really no idea what is wrong with this code!!
<?php
sleep(2);
//Sanitize incoming data and store in variable
$firstname = trim(stripslashes(htmlspecialchars($_POST['fname'])));
$lastname = trim(stripslashes(htmlspecialchars($_POST['lname'])));
$email = trim(stripslashes(htmlspecialchars($_POST['login'])));
$pass = trim(stripslashes(htmlspecialchars($_POST['password'])));
$quest = trim(stripslashes(htmlspecialchars($_POST['question'])));
$answ = trim(stripslashes(htmlspecialchars($_POST['answer'])));
$humancheck = $_POST['humancheck'];
$honeypot = $_POST['honeypot'];
require_once('connection/config.php');
//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
die("Unable to select database");
}
$sql = "INSERT INTO members (firstname, lastname, login, passwrd,
question_id, answer) VALUES (".
PrepSQL($firstname) . ", " .
PrepSQL($lastname) . ", " .
PrepSQL($email) . ", " .
PrepSQL(md5($_POST['password'])) . ", " .
PrepSQL($quest) . ", " .
PrepSQL(md5($_POST['answer'])) . ")";
mysql_query($sql);
if ($honeypot == 'http://' && empty($humancheck)) {
//Validate data and return success or error message
$error_message = '';
$reg_exp = "/^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9-]+\.[a-zA-Z.]{2,4}$/";
if (!preg_match($reg_exp, $email)) {
$error_message .= "<p>A valid email address is
required.</p>";
}
if (empty($firstname)) {
$error_message .= "<p>Please provide a preferred date
for ur visit.</p>";
}
if (empty($lastname)) {
$error_message .= "<p>Please provide the number of
adults in your group for ur visit.</p>";
}
if (empty($pass)) {
$error_message .= "<p>Please provide the number of
children in your group for ur visit.</p>";
}
if (empty($quest)) {
$error_message .= "<p>Please provide your name.</p>";
}
if (empty($answ)) {
$error_message .= "<p>Please provide your surname.</p>";
}
if (!empty($error_message)) {
$return['error'] = true;
$return['msg'] = "<h3>Oops! The request was successful
but your form is not filled out
correctly.</h3>".$error_message;
echo json_encode($return);
exit();
} else {
$return['error'] = false;
$return['msg'] = "<p>Thank you.</p>";
echo json_encode($return);
}
} else {
$return['error'] = true;
$return['msg'] = "<h3>Oops! There was a problem with your submission.
Please try again.</h3>";
echo json_encode($return);
}
//added
//echo("Request Submitted!");
//exit();
// function: PrepSQL()
// use stripslashes and mysql_real_escape_string PHP functions
// to sanitize a string for use in an SQL query
//
// also puts single quotes around the string
//
function PrepSQL($value)
{
// Stripslashes
if(get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
// Quote
$value = "'" . mysql_real_escape_string($value) . "'";
return($value);
}
?>