First complete upload on nas

public/schoolarea/update_yogaschool.php

@@ -0,0 +1,40 @@
+<?php include('include/headscript.php'); ?>
+<?php
+// Include database connection details
+// Assuming you have an existing connection to the database
+$conn = new mysqli($servername, $username, $password, $database);
+
+// Check connection
+if ($conn->connect_error) {
+    die("Connection failed: " . $conn->connect_error);
+}
+
+// Retrieve the POST data
+$field = $_POST['field'];
+$value = $_POST['value'];
+$idyogaschool = $_POST['idyogaschool'];
+
+// Ensure the field name is a valid column in the database
+$validFields = ['nameschool', 'address', 'country', 'referencemeailschool', 'schooldescription', 'shortschooldescription', 'city', 'zip', 'emailschool', 'referencenameschool', 'latitude' . 'longitude'];
+
+if (in_array($field, $validFields)) {
+    // Prepare the SQL statement using prepared statements to prevent SQL injection
+    $stmt = $conn->prepare("UPDATE yogaschool SET $field = ? WHERE idyogaschool = ?");
+    $stmt->bind_param("si", $value, $idyogaschool);
+
+    // Execute the statement
+    if ($stmt->execute()) {
+        echo "Field updated successfully";
+    } else {
+        echo "Error updating field: " . $conn->error;
+    }
+
+    // Close the statement
+    $stmt->close();
+} else {
+    echo "Invalid field";
+}
+
+// Close the connection
+$conn->close();
+?>