1

So I have this,

<?php
require "database.php";

$to=$_GET['toF'];
$content=$_POST['message_contentl'];
$from=$_GET['fromF'];

$ck_reciever = "SELECT Username FROM accounts WHERE username = '".$to."'";     

 if( mysql_num_rows( mysql_query( $ck_reciever ) ) == 0 ){
die("The user you are trying to contact don't exist. Please go back and try again.<br>
<form name=\"back\" action=\"Send_FR.php\" method=\"post\">
<input type=\"submit\" value=\"Try Again\">
</form>
");
}else{

$a1 = $_POST['message_contentl'];
$a2 = $_GET['fromF'];
$a3 = $_GET['toF'];
mysql_query("INSERT INTO Friends (fr_message, From, To) VALUES ('$a1', '$a2', '$a3')");     OR die("Could not send the message: <br>".mysql_error()); 
echo "The Friend Request Was Successfully Sent!";
?>

But it doesn't work.

All it does is give me this error message:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'From, To) VALUES ('', 'Extro', 'Syncro')' at line 1

Help, please?

Ethan Webster
  • 103
  • 3
  • 3
  • 10
  • does the fr_message column accept null values? – Eric Herlitz Sep 05 '11 at 20:00
  • possible duplicate of [Syntax error due to using a reserved word as a table or column name in MySQL](http://stackoverflow.com/questions/23446377/syntax-error-due-to-using-a-reserved-word-as-a-table-or-column-name-in-mysql) – Ian Ringrose May 06 '14 at 10:15

2 Answers2

5

from and to are reserved words in SQL, in MySQL you can use reserved words as column or table names by wrapping them in backticks, but I'd strongly advise against the use of reserved word as column names, it's horribly confusing. Small example ex absurdo:

 select `select`, `from` from `where` where `like` like 'like';

Yeah, the engine eats it, but you'll admit it could be more readable :-)

fvu
  • 32,488
  • 6
  • 61
  • 79
1

FROM is a reserved SQL keyword - if you have a column or a table with that name, you will have to back-quote (`) it.

Gus
  • 7,289
  • 2
  • 26
  • 23