PHP 5 Forms Validate Name, E-mail, and URL

// define variables and set to empty values
$nameErr = $emailErr = $genderErr = $websiteErr = "";
$name = $email = $gender = $comment = $website = "";

if (empty($_POST["name"])) {
$nameErr = "Name is required";
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$nameErr = "Only letters and white space allowed";

if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";

if (empty($_POST["website"])) {
$website = "";
} else {
$website = test_input($_POST["website"]);
// check if URL address syntax is valid (this regular expression also allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)) {
$websiteErr = "Invalid URL";

if (empty($_POST["comment"])) {
$comment = "";
} else {
$comment = test_input($_POST["comment"]);

if (empty($_POST["gender"])) {
$genderErr = "Gender is required";
} else {
$gender = test_input($_POST["gender"]);

Passing variables in PHP pages

I have read a value from a form as input form the user. the form is POST.

<form action="form_handler.php" method="POST">

Then, in the form_handler.php page I saved this value in a variable. $productID=$_POST['product']; Then, I want to pass this variable via link to another page as:

 echo "<a href='products.php?prodID=".$productID."' title='Products 
 Page' class='whatEver'>click here for product details</a>";

When I click the link, I see the value in the link. But, inside the page products.php I want to make MySQL query for the product details as:

$sql = "SELECT * FROM products WHERE prodID = '$productID'"; 

I get 0 results. I also tried to echo the $productID value and it seems empty and not the value that I saw in the URL.

What is my mistake please? How can I make the database query to fetch the product details based on the productID variable I passed in the link?

NOTE: I am trying to make a demo for MySQL injection vulnerability. Please, ignore security issues here.