警告:PDO :: prepare():SQLSTATE [42000]:语法错误或访问冲突:更新时为1064
我要更新如下几张表:
for ($i=0; $i <count($tablesnames); $i++) {
$update3=$pdo->prepare('UPDATE :surveytable SET `postrecords`=:newrecord WHERE `id`=:id');
//var_dump()here
$update3->bindValue(':surveytable', $tablesnames[$i],PDO::PARAM_STR);
$update3->bindValue(':newrecord',$newrecord,PDO::PARAM_STR);
$update3->bindValue(':id',$id,PDO::PARAM_INT);
$update3->execute();
}
检查var_dump结果,$tablesnames[$i]和$newrecord是string,$id是int,$update3是false.
看起来一切正常,但失败了,
Check the var_dump result,$tablesnames[$i] and $newrecordare string,$id is int,$update3 is false.
Seemed everything ok but failed,
警告:PDO :: prepare():SQLSTATE [42000]:语法错误或访问冲突:1064您的SQL语法有错误;您可能会发现错误.检查与您的MySQL服务器版本相对应的手册,以获取在'?附近使用的正确语法.设置
postrecords=?id=在哪里?
Warning: PDO::prepare(): SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '? SET
postrecords=? WHEREid=?'
出什么问题了?
(不幸的是),您不能在准备好的语句中为表名使用参数.您只能将它们用于数据文字.因此UPDATE :surveytable无效.
(Unfortunately) you can't use parameters for your tablename in your prepared statement. You can only use those for data literals. So UPDATE :surveytable is invalid.
按照手册:
参数标记只能代表完整的数据文字.两者都不 文字,关键字,也不是标识符或任何任意形式的一部分 可以使用参数来绑定查询部分.
Parameter markers can represent a complete data literal only. Neither part of literal, nor keyword, nor identifier, nor whatever arbitrary query part can be bound using parameters.
当您(完全!!!! )信任您的$tablesnames来源时,请使用
When you (completely!!!) trust your source of $tablesnames, use
'UPDATE `' . $tablesnames[i]` . '` SET `postrecords`=:newrecord WHERE `id`=:id'
代替