Monty Monty - 1 year ago 74
SQL Question

Table value are not changing

There is my code of EDIT.php DB_Functions,and g.php..I'm not geting where is the fault is anyone here who can help me to find out mistake on my code

Every things happen as easy but change in table is not SQL query is working properly on XAMP server..
It may be silly mistake but not able to find it..



if (isset ($_GET['edit_id']))
$id =($_POST['edit_id']);

$result = file_get_contents('http://localhost/rajju/demo/webservises/webservises/webservices/g.php?action=update_details&id='.$id.'&name='.$name.'&lastname='.$lastname.'&email='.$email.'&duser='.$duser.'&pass='.$pass.'&mob='.$mob.'&website='.$website);

$result = json_decode($result, true);

if($result == 'success'){



$select =mysql_query("select * from users where id=$id");
$var = mysql_fetch_object($select);



public function updateUser($id,$name,$lastname,$email,$duser,$pass,$mob,$website)

$app_list =mysql_query("UPDATE users SET name='".$name."',lastname='".$lastname."',email='".$email."',duser='".$duser."',pass='".$pass."',mob='".$mob."',website='".$website."' WHERE id='".$id."'");

if ($app_list) {
return true;
} else {
return false;


else if($tag == 'update_details')
$db = new DB_Functions();
//$id = ($_GET['id']);

//exit (json_encode($name));

if ($db ->updateUser($name,$lastname,$email,$duser,$pass,$mob,$website))
exit (json_encode('success'));

exit (json_encode('errorzz'));



Answer Source

The following should work. Note this still wont totally protect you against xss and other attacks. However its a lot better than using mysql_query!! Additionally, you should sanatise and check your incoming $_GET params and Salt+Hash your passwords.

    $conn   = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
    $sql    = "UPDATE users SET name=:name, lastname=:lastname, email=:email, duser=:duser, pass=:pass, mob=:mob, website=:website, WHERE id=:id";;
    $st     = $conn->prepare( $sql );
    $st->bindValue(":name", $name, PDO::PARAM_STR);
    $st->bindValue(":lastname", $lastname, PDO::PARAM_STR);
    $st->bindValue(":email", $email, PDO::PARAM_STR);
    $st->bindValue(":duser", $duser, PDO::PARAM_STR);
    $st->bindValue(":pass", $pass, PDO::PARAM_STR);
    $st->bindValue(":mob", $mob, PDO::PARAM_STR);
    $st->bindValue(":website", $website, PDO::PARAM_STR);
    $st->bindValue(":id", $id, PDO::PARAM_INT);
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download