我有错误，我无法修复.. PHP 中的 SQL 错误

Question

我遇到了错误，我无法修复..

response error:
Database query failedYou have an error in your SQL syntax; 
check the manual that corresponds to your MySQL server version 
for the right syntax to use near '' as Loreta Punzalan'}, 
gender  = {'Female'}, dob = {'01/23/20' at line 2 

JS AJAX

$("button.update_btn").click(function(event){
        //alert("test");
        var clickedEditid = this.id.split('-');
        var dbId = clickedEditid[1];
        var mydata = '&recordToBeUpdated='+ dbId;
        var mydatas = $('#instructorUps').serialize();
            var datas = mydatas+mydata;
        //alert(datas);
        $.ajax({
            type:"POST",
            url:"<?php echo get_stylesheet_directory_uri(); ?>/includes/response_instructor_update.php?>",
            dataType:"text",
            data: datas,
            success: function(response){
                alert(response);
            // $('#ins_'+dbId).fadeIn();
                //$('#instructorModal').append(response);
                location.reload();
                },
            error:function(xhr, ajaxOption, thrownError){
                alert(thrownError);
                }

            });
        });

Response_instructor_update.php

<?php
// Response for AJAX

require_once("connection.php");
require_once("functions.php");
if(isset($_POST['fullnameup'])){

        $idupdate     =   mysql_prep($_POST["recordToBeUpdated"]);
        $fullname     =   mysql_prep($_POST["fullnameup"]);
        $username     =   mysql_prep($_POST["usernameup"]);
        $gender       =   mysql_prep($_POST["genderup"]);
        $dob          =   mysql_prep($_POST["dobup"]);
        $nationality  =   mysql_prep($_POST["nationalityup"]);
        $mobile       =   mysql_prep($_POST["mobileup"]);
        $emailadd     =   mysql_prep($_POST["emailaddup"]);
        $address      =   mysql_prep($_POST["addressup"]);
        $zipcode      =   mysql_prep($_POST["zipcodeup"]);
$query  = "UPDATE instructor SET    
            instructor    = {'$fullname'},
            gender        = {'$gender'},
            dob           = {'$dob'},
            nationality   = {'$nationality'},
            mobile       = {$mobile},
            emailadd     = {'$emailadd'},
            address      = {'$address'},
            zipcode      = {$zipcode},
            username     = {'$username'}
            WHERE instructorid= {$idupdate}";   
    $updatedInstructor = mysql_query($query,$connection);
    confirm_query($updatedInstructor);

    if (mysql_affected_rows() == 1){

        echo "TRUE";
        mysql_close($connection);
        }else{
            die("Database query failed". mysql_error());

            } 
    }
    ?>

Answer 1

我认为你的想法是正确的。但是，您有一个轻微的语法问题。

我相信您的变量没有评估为字符串，而 MySQL 期待字符串。请尝试以下方法：

$query  = "UPDATE instructor SET    
        instructor    = '{$fullname}',
        gender        = '{$gender}',
        dob           = '{$dob}',
        nationality   = '{$nationality}',
        mobile       = {$mobile},
        emailadd     = '{$emailadd}',
        address      = '{$address}',
        zipcode      = {$zipcode},
        username     = '{$username}',
        WHERE instructorid= {$idupdate}"; 

请注意，单引号 (') 在大括号 ({}) 之外。您必须在 MySQL 需要字符串的任何位置添加引号（列类型为 text/varchar/etc..）。

- 更新-

正如 sverri 所说，它们实际上被视为字符串。这里的问题是 php 的插值有微小的变化：您可以在双引号 (") 字符串中使用 {$variable} 或简单地使用 $variable。在您的帖子中，您有 {'$variable'} 使用 @987654325 进行插值@ 方法，当您打算用 PHP 替换它们时，只需将大括号视为字符串的一部分。