-2

好的,所以我正在尝试使用我在侧面 pdo 更新中设置的变量我回显了 pdo 更新中的所有变量并且所有变量都已设置但更新似乎不起作用....我想我只是缺少单个/ 双引号

$myName = mysql_real_escape_string($_POST['myName']);
$mydropdown = mysql_real_escape_string($_POST['mydropdown']);





    if ($mydropdown == '1') {$tablename = "poke1";}
if ($mydropdown == '2') {$tablename = "poke2";}
if ($mydropdown == '3') {$tablename = "poke3";}
if ($mydropdown == '4') {$tablename = "poke4";}
if ($mydropdown == '5') {$tablename = "poke5";}
if ($mydropdown == '6') {$tablename = "poke6";}


echo $tablename;


$sqll = "UPDATE users SET '$tablename'=? WHERE username=?";
    $q = $db->prepare($sqll);
    $q->execute(array($myName,$_SESSION['username']));

我也回显了表名和 myName 都有效并设置为正确的东西

4

2 回答 2

0

使用反引号` 而不是单引号:

$sqll = "UPDATE users SET `$tablename`=? WHERE username=?";

另外,您确定它的SET $tablename, 还是包含$tablename列名?

于 2013-07-06T02:33:11.237 回答
-1

一点优化的代码

$myName = mysql_real_escape_string($_POST[`myName`]);

$tablename = null;

for($i = 1; $i < 7; $i++){

    if($_POST[`mydropdown`] == $i) $tablename = `poke`.$i;
}

if(!is_null($tablename)){

    echo $tablename;

    $q = $db->prepare("UPDATE users SET `$tablename`=:tablename WHERE username=:username");
    $q->bindParam(`:tablename`, $myName);
    $q->bindParam(`:username`, $username);
    $q->execute();
}
于 2013-07-09T08:05:38.510 回答