Search code examples
phpmysqlajaxjquery-jtable

JTable PHP Update Not Working

I downloaded the JTable PHP Demo file and modified the code. Here's how I do it..

enter code here //Prepare jTable
        $('#PeopleTableContainer').jtable({
            title: 'User Maintenance',
            actions: {
                listAction: 'PersonActions.php?action=list',
                createAction: 'PersonActions.php?action=create',
                updateAction: 'PersonActions.php?action=update',
                deleteAction: 'PersonActions.php?action=delete'
            },
            fields: {
                strUsrName: {
                    key: true,
                    create: false,
                    edit: false,
                    list: true,
                    title: 'UserName'
                },
                strUsrFName: {
                    title: 'FirstName',
                    width: '10%'
                },
                strUsrMName: {
                    title: 'MiddleName',
                    width: '10%'
                },
                dtmUsrCreated: {
                    title: 'Record date',
                    width: '30%',
                    type: 'date',
                    create: false,
                    edit: false
                }
            }
        });

And Here's My Query...

//Updating a record (updateAction)
else if($_GET["action"] == "update")
{
    //Update record in database
    $result = mysql_query("UPDATE tbluser SET strUsrFName = '" . $_POST["strUsrFName"] . "', strUsrMName = " . $_POST["strUsrMName"] . " WHERE strUsrName = " . $_POST["strUsrName"] . ";") or die('ERROR: '.mysql_error());

    //Return result to jTable
    $jTableResult = array();
    $jTableResult['Result'] = "OK";
    print json_encode($jTableResult);
}

My Main Problem is: When I removed the die(), the table updates the data on it but it does not update the data in the database so I guessed the error is in the query or maybe in the Primary Key. Can someone help me please?

Solution

  • Your query is not written correct. You need to use quotes to ensure you pass string values to the columns that are not numeric. Your query should look like this:

    $result = mysql_query("UPDATE tbluser SET strUsrFName = '" . $_POST["strUsrFName"] . "', strUsrMName = '" . $_POST["strUsrMName"] . "' WHERE strUsrName = '" . $_POST["strUsrName"] . "';") or die('ERROR: '.mysql_error());

    As I said in my comment, don't use mysql_query anymore. It's deprecated and exposed to sql injections. If you use prepared statements you do not have the quote issue anymore.

    $sql = "UPDATE tbluser SET strUsrFName = :strUsrFName, strUsrMName = :strUsrMName WHERE strUsrName = :strUsrName;";
$sth = $pdo->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
$sth->execute(array(":strUsrFName" => $_POST["strUsrFName"], ":strUsrMName" => $_POST["strUsrMName"], ":strUsrName" => $_POST["strUsrName"]));