SQL PhP insert query problem

Question

I have a html form on local pc which has a form, on submits POST's values to a php file on my server.

The php file is supposed to enter the form values into database, but I keep getting the following error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc, lat, lng) VALUES ('test', '51.489755', '-3.177407')' at line 1

html form:

  <form action="http://www.myurl.co.uk/folder/Add.php" method="POST">
    <input type="text" name="desc" id="desc" />
    <input type="text" name="lat" id="lat" />
    <input type="text" name="lng" id="lng" />

    <input type="submit" value="submit" name="submit" />
        </form>

php:

if($_POST)
{
$desc = mysql_real_escape_string(trim($_POST['desc']));
$lat = $_POST['lat'];
$lng = $_POST['lng'];


$posting = mysql_query("INSERT INTO tableName (desc, lat, lng) VALUES ('$desc', '$lat', '$lng')") or die(mysql_error());

I am pretty sure that the insert statement is correct as I have done this so many times, but for some reason won't do.

I know the values from the form ar being sent, as if you look at the error I am getting, the form values are in the VALUES section in the query.

any feedback is much appreciated

Answer 1

desc is a reserved word. You have to escape it:

$posting = mysql_query("INSERT INTO tableName (`desc`, `lat`, `lng`) VALUES ('$desc', '$lat', '$lng')") or die(mysql_error());

Answer 2

desc is a reserved word. Try this:

$posting = mysql_query("INSERT INTO `tableName` (`desc`, `lat`, `lng`) VALUES ('$desc', '$lat', '$lng')") or die(mysql_error());

Answer 3

desc is a reserved keyword in mysql. In your query, replace

desc

by

`desc`

Answer 4

desc or DESC is a reserved keyword in SQL to signify the order of result.

ASC = Ascending DESC = Descending.

Change your SQL to

INSERT INTO tableName (`desc`, lat, lng) VALUES ('$desc', '$lat', '$lng')