Antoine Ferras Antoine Ferras - 11 months ago 40
Ajax Question

Database error trying to insert numbers and letters in to a table but only numbers work

I have tried to change my old script from msql to mysqli or PDO. The script works when I send an Ajax call to the PHP file.
I use:

but when stored the letters are transformed in number and I need to insert letters and numbers on that table.

My code is:

header('Access-Control-Allow-Origin: *');

include_once 'dbconnect.php';


//Lightly sanitize the GET's to prevent SQL injections and possible XSS attacks
$points = htmlentities($_REQUEST['points']);
// $statement = $dbh->prepare("UPDATE `users` SET user_points = user_points +'$points' WHERE user_id = " . $_SESSION['user']);
$statement = $dbh->prepare("UPDATE `users` SET user_id = user_id +'$points' WHERE id = 4 ");
$state = $statement->execute();

//$sql = mysql_query("INSERT INTO `publiadd_registervillageop`.`users` (`user_points`) VALUES ('points');");


//The query returned true - now do whatever you like here.
echo 'Your Points was saved. Congrats!';


//The query returned false - you might want to put some sort of error reporting here. Even logging the error to a text file is fine.
echo 'There was a problem saving your points. Please try again later.';


echo 'Your points wasnt passed in the request. Make sure you add ?name=NAME_HERE&score=1337 to the tags.';
<body bgcolor="#ffffff">

My problem is when I send the Ajax call in insert the data on that table but the data I need to insert is letters and numbers but it seems the script transforms the letters in numbers. How can I solve this?

Answer Source

Try using the MySQL CONCAT function.

"UPDATE `users` SET user_id = CONCAT('$points', user_id)  WHERE id = 4"