0

I try to edit data in mysql from flutter. I send Id from page one to page two And by id I Inquire about specific data then edit it With the condition where Id=Id. Now when the application works, I can make sure Id send to php file. I try here to update field of name.

Logcat

I/flutter: tappedddd http://xxxxxxxxx/ccv.php?id=66

I can see ID is sent with the link but data now do not change in the database.I don't know what is problem. Anyone know solution for this problem?

my full code:

import 'package:flutter/material.dart';
import 'package:flutter/services.dart';
import 'package:http/http.dart' as http;
import 'dart:async';
import 'dart:convert';

import 'MyPreferences.dart';

class Update extends StatefulWidget {
  var getid;
  Update({Key key, this.getid}) : super(key: key);
  @override
  _UpdateState createState() => new _UpdateState();
}

class _UpdateState extends State<Update> {
  MyPreferences _myPreferences = MyPreferences();
  var getid;

  var _isLoading = false;
  var data;

  var _username = "";
  var _phone = "";
  var _password = "";
  var image ="";

  var _phoneController = new TextEditingController();
  var _firstnameController = new TextEditingController();
  var _lastnameController = new TextEditingController();


  Future<String> _ShowDialog(String msg) async {
    return showDialog<String>(
      context: context,
      barrierDismissible: false, // user must tap button!
      builder: (BuildContext context) {
        return new AlertDialog(
          title: new Text('Rewind and remember'),
          content: new SingleChildScrollView(
            child: new ListBody(
              children: <Widget>[
                new Text(msg),
              ],
            ),
          ),
          actions: <Widget>[
            new FlatButton(
              child: new Text('Close'),
              onPressed: () {
                Navigator.of(context).pop();
              },
            ),
          ],
        );
      },
    );
  }

  void _editData() async {

    var url = "http://xxxxxxxx/ccv.php?id=${widget.getid}";
    print("tappedddd $url");
    var response = await http.post(url, body: {
     "id": widget.getid,

   // "id": _userController.text,
      "name": _firstnameController.text,
    //  "name": _phoneController.text,
   //   "name": _lastnameController.text,
   

    });
    if (response.statusCode == 200) {

      _ShowDialog("Updated Successfully");
    } else {
      _ShowDialog("Updated Failer");
    }

    //onEditedAccount();
    //print(_adresseController.text);
  }

  _fetchData() async {
    final url =
        "http://xxxxxxxxxx/nhy.php?id=${widget.getid}";
    final response = await http.get(url);
    if (response.statusCode == 200) {
      final map = json.decode(response.body);
      final videosMap = map["result"];

      setState(() {
        _isLoading = true;
        this.data = videosMap;
        _username = data[0]['name'];
      image = data[0]['image'];
        print(data);
      });
    }
  }

  @override
  void initState() {
    super.initState();
    _fetchData();
  }

  @override
  Widget build(BuildContext context) {
    return new Scaffold(
        appBar: AppBar(
          title: Text("Update Profile"),
        ),
        body: new Center(
          child: data == null
              ? new CircularProgressIndicator()
              : new ListView(
                  children: <Widget>[
                    new Padding(
                      padding: const EdgeInsets.fromLTRB(5, 100, 5, 5),

                      child: Column(
                        children: <Widget>[
                          new Padding(
                            padding:
                                const EdgeInsets.only(top: 20.0, bottom: 25.0),
                            child: Expanded(flex: 1,
                              child: Container(
                                child: Card(
                                  child: new Padding(
                                    padding: const EdgeInsets.all(5.0),
                                    child: Image.network(
                                      image,
                                      width: 300,
                                      height: 300,
                                      fit: BoxFit.cover,
                                    ),
                                  ),
                                ),
                              ),
                            ),
                            ),


Card (

    child: Column(

        children: <Widget>[
          SizedBox(
            height: 10.0,
          ),
    Container(
    margin: EdgeInsets.all(4),
                          child: TextField(
                            maxLength: 10,
                            decoration: InputDecoration(

                                labelText: ("name : "),
                                filled: true,
                                hintText: _username),
                            controller: _firstnameController,
                          ),
    ),
          SizedBox(
            height: 5.0,
          ),
        Container(
            margin: EdgeInsets.all(4),
                          child: TextField(
                            maxLength: 8,
                            decoration: InputDecoration(
                                labelText: ("phone : "),
                                filled: true,
                                hintText: _phone),
                            controller: _phoneController,
                          ),
        ),
          SizedBox(
            height: 5.0,
          ),
        Container(
            margin: EdgeInsets.all(4),
                          child: TextField(
                            maxLength: 8,
                            decoration: InputDecoration(
                                labelText: ("password : "),
                                filled: true,
                                hintText: _password),
                            controller: _lastnameController,
                          ),

        ),
          SizedBox(
            height: 5.0,
          ),

       ]

    )

),

                          SizedBox(
                            width: double.infinity,
                            child: new FlatButton(
                              child: const Text('Update'),color: Colors.amber,
                              padding: EdgeInsets.fromLTRB(100, 18, 100, 18),
                              onPressed: () { _editData();
                              },
                            ),
                          ),

                          SizedBox(
                            height: 10.0,
                          ),
                        ],
                      ),

                    )
                  ],
                ),
        ));
  }
}

php file:

<?php
 require_once 'connt.php';

  $id=$_POST['id'];
  $name =$_POST['name'];
 
  
$query="UPDATE topics SET name='$name' WHERE id='$id'";

   $exeQuery = mysqli_query($con, $query) ;

     if($exeQuery){
     echo (json_encode(array('code' =>1, 'message' => 'Modifier avec succee')));
}else {echo(json_encode(array('code' =>2, 'message' => 'Modification Non Terminer')));
 }


 ?>
  • 1
    **Warning:** You are wide open to [SQL Injections](https://stackoverflow.com/a/60496/1839439) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/5741187) – Dharman Aug 23 '20 at 10:46
  • did u manage to fix this? – azheen Nov 15 '20 at 11:37

0 Answers0