MySQL server version for the right syntax to use near 'match (aanbieder_id, vrager_id) VALUES ((' 64 ','6'))' at line 1

Question

My code:

<?php 

session_start(); 

include('connection.php');

$vrager_id = $_SESSION['vrager_id'];
$aanbieder_id = $_GET['aanbieder_id'];
echo $vrager_id. '<br>';
echo $aanbieder_id.'<br>';

        mysql_query("INSERT INTO match
        (aanbieder_id, vrager_id) VALUES ('$aanbieder_id', '$vrager_id' ) ") 
        or die(mysql_error()); 
        
        mysql_close($mysql);
        
?>

My output:

6

64

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'match (aanbieder_id, vrager_id) VALUES ((' 64 ','6'))' at line 1

I also included a picture of my database if that somewhat helps:

Answer 1

match is a reserved keyword within MySQL. If you want to use it as an identifier, enclose it in backticks (as you should always do with identifiers):

 mysql_query("INSERT INTO `match`
        (aanbieder_id, vrager_id) VALUES ('$aanbieder_id', '$vrager_id' ) ") 

^{mysql_ functions are deprecated. See PDO or MySQLi for replacements!}

Answer 2

MATCH is a MySQL reserved word.

You can use reserved words for table names only if you delimit them:

mysql_query("INSERT INTO `match`
    (aanbieder_id, vrager_id) VALUES ('$aanbieder_id', '$vrager_id' ) ") 

PS: You have a grievous SQL injection vulnerability. Never take values from $_GET and copy them directly into your queries. See How can I prevent SQL injection in PHP?