2

I got this error : 

Database problem occur, please try again later.
- Error in query: INSERT INTO main SET title ='', url='www.jerseymurah.com', kod='jerseymurah', owner='Hasbul Aqill', tag='jersey, football, world cup', since='Feb 2010', desc='ssfsfsfsfs'
- Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc='ssfsfsfsfs'' at line 1 (Error #1064)
- File: /home/yosh/domains/yosh.my/public_html/demo/admincp/tambah-save.php

and this is my mysql query code :

$query = "INSERT INTO main SET title ='".$ttile."', url='".$url."', 
kod='".$kod."', owner='".$owner."', tag='".$tag."', since='".$since."', 
desc='".$desc."'";
$db->rq($query);

Please help and thanks a lot!

sleske
  • 77,633
  • 33
  • 182
  • 219
Zhaf
  • 1,634
  • 5
  • 18
  • 16
  • 2
    If I am not wrong you are using UPDATE syntax to INSERT. – Dejan Marjanović Dec 28 '10 at 12:54
  • In the future, don't care about the PHP code if you get a SQL error: look at the SQL query first. PHP != SQL. – Álvaro González Dec 28 '10 at 13:00
  • As an aside: Please, please, use parametrized statements, don't concatenate SQL fragments and parameters as strings, that is evil (-> SQL injection). See e.g. http://en.wikipedia.org/wiki/SQL_injection , and [Best way to stop SQL Injection in PHP](http://stackoverflow.com/questions/60174/best-way-to-stop-sql-injection-in-php) . – sleske Mar 09 '15 at 10:03
  • Also note that you are using a non-standard SQL syntax for your INSERT. It works with MySQL, so is not the cause of the error. Still, you might want to avoid DB-specific constructs unless there's no alternative. – sleske Mar 09 '15 at 10:05

3 Answers3

7

DESC is a reserved word in mySQL.

You need to put that field in backticks:

`desc`="..."

maybe consider renaming the field.

mySQL reserved words in the manual

Pekka
  • 431,103
  • 135
  • 960
  • 1,075
1

I think DESC is a reserved word, try escaping it with backticks.

Sjoerd
  • 71,634
  • 16
  • 123
  • 171
-1
mysql_query("INSERT INTO main(title,url,kod,owner,tag,since,description) VALUES('$title','$url','$kod','$owner','$tag','$since','$desc')");
Dejan Marjanović
  • 19,004
  • 7
  • 50
  • 66