<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);
// Change the Type to text/plain
header('Cache-Control: no-cache');
// In AJAX no page is returned just data as text
header('Content-Type: text/plain');

define("DEBUG", true);

include ("dbcon.php");
$sql = 'UPDATE utmp_orders SET lbl_qty = ? , lbl_prc= ? WHERE t_ordid = ?';
if ($stmt = mysqli_prepare($connection, $sql)) {
  mysqli_stmt_bind_param($stmt, "ssi", $qty, $prc, $id);// bind parameters to variables
$idin = '';
foreach ($_POST['vals'] as $vals) {
  $sets = explode("_", $vals);
  if (count($sets) != 3) exit('Post error number: erc7182');
  list($id, $qty, $prc) = $sets;
  $idin .= $id.',';
  mysqli_stmt_execute($stmt);// send variable data to MySQL
  }

mysqli_stmt_close($stmt);// close statement
} else 
  if (DEBUG) exit(mysqli_error($connection)); 
    else exit('Post error number: erp471');

$idin = substr($idin, 0, -1);
$query = 'SELECT t_ordid, lbl_qty , lbl_prc FROM utmp_orders WHERE t_ordid IN ('.$idin.')';
$re = mysqli_query($connection, $query);
$sendBack = '~<b>SUCCESS!</b><br/>';
while($row = mysqli_fetch_assoc($re)){
$sendBack .= 'New Update Row id='. $row['t_ordid'].' qty= '. $row['lbl_qty'].', prc= '. $row['lbl_prc'].'<br />';	
}
$sendBack .= '^made to rows ID of '.$idin;
echo $sendBack;
/*
$query="delete from utmp_orders where t_ordid ='{$varid}'";
	
$query="update utmp_orders set lbl_qty =' [b]1[/b] ' , lbl_prc=' [b]2[/b] ' where t_ordid = {$record['id']}";
*/
?>
Please notice That I have a slight bit of error control, IT is important when using Database contacts to have some type of error IF you query does NOT WORK.
I use the MySQLI prepare and execute for safety from SQL injections.

Please Run my code to see if it works for you.

Select all