CODEWITHSUNDEEP
phpandroidmysql
Kunal Nikam
Kunal Nikam

Reputation: 79

Updation bug in php file when data updated via android app

I am making Android app in this app on registration activity I have 5 fields.

When I try to update any field then that field updated successfully but next field automatically blank.

Following is my update query:

 $string_query = "UPDATE TABLE 'tbl_kunal' WHERE `user_name`='$user_name',
 `user_email`='$user_email',

 `user_password`='$user_password',`user_mobile` ='$user_mobile' 
 WHERE `user_id`='$user_id' ;"

update.php

update code in android

RequestQueue requestQueue = Volley.newRequestQueue(this);
        StringRequest stringRequest = new StringRequest(Request.Method.POST, Up_URL, new Response.Listener<String>() {
            @Override
            public void onResponse(String response) {
                Log.d("mytag", "" + response);
            }

        }, new Response.ErrorListener() {

            @Override
            public void onErrorResponse(VolleyError error) {
            }
        }) {
            @Override
            protected Map<String, String> getParams() throws AuthFailureError {
                Map<String, String> params = new HashMap<>();
                params.put(KEY_ID, editText_id.getText().toString());
                params.put(KEY_NAME, editText_name.getText().toString());
                params.put(KEY_EMAIL, editText_email.getText().toString());
                params.put(KEY_PASSWORD, editText_pass.getText().toString());
                params.put(KEY_MOBILE, editText_mob.getText().toString());

                Log.d("mytag", "parms : :" + params);
                return params;
            }
        };
        requestQueue.add(stringRequest);
    }

Can anyone tell me how remove this error? All suggestions are welcome.

Note: I am not able to format my php file so that's why I am adding image of php file

Upvotes: 0

Views: 34

Answers (1)

adalpari
adalpari

Reputation: 3121

Your query is malformed. You have two WHERE clauses instead of SET clause:

$string_query = "UPDATE TABLE 'tbl_kunal' 
SET `user_name`='$user_name',  `user_email`='$user_email', `user_password`='$user_password',`user_mobile` ='$user_mobile' 
WHERE `user_id`='$user_id' ;

Edit: You are storing the password in plaintext. Anyone who makes a select into user's table could get the user and password. I recommend you to encode passwords with HASH function.

Upvotes: 1

Related Questions