0

I am making Android app in this app on registration activity I have 5 fields.

When I try to update any field then that field updated successfully but next field automatically blank.

Following is my update query:

 $string_query = "UPDATE TABLE 'tbl_kunal' WHERE `user_name`='$user_name',
 `user_email`='$user_email',

 `user_password`='$user_password',`user_mobile` ='$user_mobile' 
 WHERE `user_id`='$user_id' ;"

update.php

update code in android

RequestQueue requestQueue = Volley.newRequestQueue(this);
        StringRequest stringRequest = new StringRequest(Request.Method.POST, Up_URL, new Response.Listener<String>() {
            @Override
            public void onResponse(String response) {
                Log.d("mytag", "" + response);
            }

        }, new Response.ErrorListener() {

            @Override
            public void onErrorResponse(VolleyError error) {
            }
        }) {
            @Override
            protected Map<String, String> getParams() throws AuthFailureError {
                Map<String, String> params = new HashMap<>();
                params.put(KEY_ID, editText_id.getText().toString());
                params.put(KEY_NAME, editText_name.getText().toString());
                params.put(KEY_EMAIL, editText_email.getText().toString());
                params.put(KEY_PASSWORD, editText_pass.getText().toString());
                params.put(KEY_MOBILE, editText_mob.getText().toString());

                Log.d("mytag", "parms : :" + params);
                return params;
            }
        };
        requestQueue.add(stringRequest);
    }

Can anyone tell me how remove this error? All suggestions are welcome.

Note: I am not able to format my php file so that's why I am adding image of php file

Improve this question
1
  • Is the data in your database actually updated? Your query is missing the "SET column=value" part. The full query should be: "UPDATE TABLE 'tbl_kunal' SET user_name='$user_name', user_email='$user_email', user_password='$user_password', user_mobile ='$user_mobile' WHERE user_id='$user_id' ;" Commented Aug 30, 2016 at 9:14

1 Answer 1

Reset to default
1

Your query is malformed. You have two WHERE clauses instead of SET clause:

$string_query = "UPDATE TABLE 'tbl_kunal' 
SET `user_name`='$user_name',  `user_email`='$user_email', `user_password`='$user_password',`user_mobile` ='$user_mobile' 
WHERE `user_id`='$user_id' ;

Edit: You are storing the password in plaintext. Anyone who makes a select into user's table could get the user and password. I recommend you to encode passwords with HASH function.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

MD5 is not cryptographically strong and should NOT be used to hash passwords. I'd recommend using SHA-2 instead.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.