public function update(User $user)
{
$id = $user->getId();
// $login = mysqli_real_escape_string($this->db, $user->getLogin());
$login = $this->db->quote($user->getLogin());
// $password = mysqli_real_escape_string($this->db, $user->getHash());
$password = $this->db->quote($user->getHash());
// $email = mysqli_real_escape_string($this->db, $user->getEmail());
$email = $this->db->quote($user->getEmail());
// $name = mysqli_real_escape_string($this->db, $user->getName());
$name = $this->db->quote($user->getName());
// $surname = mysqli_real_escape_string($this->db, $user->getSurname());
$surname = $this->db->quote($user->getSurname());
$date_birth = $user->getDateBirth();
$query = "UPDATE user SET login="******", password="******", email=" . $email . ", name=" . $name . ", surname=" . $surname . ", date_birth=" . $date_birth . " WHERE id=" . $id . "";
// $res = mysqli_query($this->db, $query);
$res = $this->db->exec($query);
if ($res) {
return $this->findById($id);
} else {
return "Internal Server Error";
}
}
