<pre>public function update($table, $data, $where)
{
$collection = array_merge($data, $where);
$values = array_values($collection);
$fieldDetails = null;
foreach ($data as $key => $value) {
$fieldDetails .= "$key = ?,";
}
$fieldDetails = rtrim($fieldDetails, ',');
$whereDetails = null;
$i = 0;
foreach ($where as $key => $value) {
$whereDetails .= $i == 0 ? "$key = ?" : " AND $key = ?";
$i++;
}
$stmt = $this->run("UPDATE $table SET $fieldDetails WHERE $whereDetails", $values);
return $stmt->rowCount();
}
</pre>
<pre>$towallet = intval($rgy['mainbalance']) - intval($newamount);
$letUpdate = $db->update('mywallet', ['main' => $towallet], ['validate' => $apikill]); </pre>
From the screenshot, the third column addresses the amount value. The very one at the top is the previous balance, the middle is the new amount while the third is the new balance. All credit and debit were written to b recorded in the transaction table. All of this works fine for many months, until someone was able to breach it this week over and over. And there's no record for this strange activities. There's no other direct code to interact with my wallet table, what could have been wrong