$sql = "UPDATE " . test_mysql . " SET name='" . mysql_real_escape_string($_POST['name']) . "', lastname='" . mysql_real_escape_string($lastname) . "', email='" . mysql_real_escape_string($email) . "' WHERE id='" . mysql_real_escape_string($id) . "'";