Hi, I see several mistakes and some weak points in your code:
1.
When calling a function one should always check for success; and take appropriate action when something fails, e.g. emitting an error message. Without any error handling, you're flying blind (and possibly creating a big mess).
2.
mysql offers a function mysqli_error() to get more information when something went wrong.
When trying to connect however, one should use mysqli_connect_error().
3.
Your
mysqli_select_db($conn, 'products');
selects another database (not another table); read the doc, then drop the statement.
4.
I doubt an HTML input of type Submit will generate a 'Submit' field in $_POST; I tend to specify a name attribute for submits, and then the chosen name does appear in $_POST.
5.
Uninitialized PHP variables don't hold the empty string "" so your quintuple test doesn't catch every bad situation.
6.
It is very bad style using an SQL insert statement that doesn't explicitly name the fields you intend to give a value: what if the field set isn't matching your value list? What if later someone changes the table structure, e.g. prepends a new field?
7.
And finally, someone is bound to tell you string concatenation for SQL queries isn't a very good idea either (
Little Bobby Tables - explain xkcd[
^]). I won't. For now.
In summary, make your code more defensive, provide intermediate results (especially in error cases), and don't forget to read the documentation on everything you want to use but aren't familiar with.
:)