AJAX update



Coda
28-08-2008, 01:00 PM
I'm using Scriptaculous' Ajax.InPlaceEditor and I have this:


<span id="status"> <?php echo $usrd['status']; ?> </span>
<script type="text/javascript">
<!--
new Ajax.InPlaceEditor('status', 'ajax.php');
-->
</script>

But I don't know how to update the database in the ajax.php file. I tried:


<?php
include("include/core.class.php");
//SQL QUERY
$dsql="UPDATE user SET status='".$usrd['status']."' WHERE id ='".$usrd['id']."'";
$dupdate=mysql_query($dsql) or die ("Couldn't Execute Command");
?>

But it didn't update anything, any ideas?


EDIT: nvm, worked it out. Apparently it automatically sends a POST with the variable $value :D so I just did this:



<?php
$value = $_POST['value'];
$dsql="UPDATE user SET status='".$value."' WHERE id ='".$usrd['id']."'";
$dupdate=mysql_query($dsql) or die ("Couldn't Execute Command");
echo $value;
?>

Source
28-08-2008, 04:59 PM
Good to see you fixed it, just put it through some basic filters to stop SQL injections. Don't want internet nasties messing around with your site :)




// Did it in a simple function, can add addslashes or stripslashes
// if you want, but that should protect you from most things.
function filterMePlox( $string ){
    $string = htmlentities( $string, ENT_QUOTES );
    $string = mysql_real_escape_string( $string );
    // Return the filtered value; without this the caller receives NULL
    return $string;
}

$value = filterMePlox($_POST['value']);

$dsql="UPDATE `user` SET `status` = '$value' WHERE `id` = '$usrd[id]'";

$dupdate=mysql_query($dsql) or die ("Sorry, something went wrong");

echo $value;
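
The same ajax.php update written with bound parameters instead of string escaping, as an added example that is not code from either poster (the mysql_* functions used in the thread were removed in PHP 7). Assumptions: PDO with an in-memory SQLite database stands in for the site's MySQL server, the `user` table is reduced to the two columns seen in the thread, and `makeDemoDb`, `updateStatus` and the 255-byte limit are hypothetical.

```php
<?php
// Added example with a constructed schema and sample rows.
// Assumption: in-memory SQLite via PDO stands in for the real MySQL database.
function makeDemoDb(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE user (id INTEGER PRIMARY KEY, status TEXT)');
    $pdo->exec("INSERT INTO user (id, status) VALUES (1, 'hello'), (2, 'other user')");
    return $pdo;
}

// Hypothetical helper: stores the value through bound parameters and returns
// the text to echo back to Ajax.InPlaceEditor, HTML-encoded for display.
function updateStatus(PDO $pdo, int $userId, string $value): string {
    $value = trim($value);
    if ($value === '' || strlen($value) > 255) {   // limit is an assumption
        throw new InvalidArgumentException('Invalid status');
    }
    // The value travels separately from the SQL text, so quotes in it are data.
    $stmt = $pdo->prepare('UPDATE user SET status = :status WHERE id = :id');
    $stmt->execute([':status' => $value, ':id' => $userId]);
    // Encode at output time only, so the database keeps the original text.
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

$pdo = makeDemoDb();

// Constructed input with quotes and markup, as it would arrive in $_POST['value'].
$posted = "it's <b>5pm</b>' OR '1'='1";
echo updateStatus($pdo, 1, $posted), "\n";

// Row 1 now holds the input verbatim; row 2 is untouched.
foreach ($pdo->query('SELECT id, status FROM user ORDER BY id') as $row) {
    echo $row['id'], ': ', $row['status'], "\n";
}
```

In ajax.php the user id passed in would come from the logged-in session (the thread's `$usrd['id']`), not from the request.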
