带有html复选框值的SQL语法中的错误

Question

Surely it is a really stupid issue, but I can not find the error.

From a form I get the value of a checkbox (0 or 1), but the query generates an error. "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'check)"

<form action="processCategory.php?action=add" method="post" enctype="multipart/form-data" name="frmCategory" id="frmCategory">
  <input type="hidden" name="check" value="0" />
  <input type="checkbox" name="check" value="1" />
</form>

PHP

 $checkboxValue = (isset($_POST['check'])) ? intval($_POST['check']) : 0; // returns 0 or 1


$sql   = "INSERT INTO tbl_category (cat_parent_id, cat_name, cat_description, check) 
          VALUES ($parentId, '$name', '$description', $checkboxValue)";
$result = dbQuery($sql) or die('Cannot add category' . mysql_error());

mysql field: check

`check` tinyint(1) NOT NULL

Answer 1

check is a reserved word and you are using it inside the query as one of the column.

List of all reserved words

You need to use backticks ` to escape reserved words in MySQL:

INSERT INTO tbl_category (cat_parent_id, cat_name, cat_description, `check`) 

Answer 2

change:

$sql   = "INSERT INTO tbl_category (cat_parent_id, cat_name, cat_description, check) 
      VALUES ($parentId, '$name', '$description', $checkboxValue)";

to:

$sql   = "INSERT INTO tbl_category (cat_parent_id, cat_name, cat_description, check) 
      VALUES ($parentId, $name, $description, $checkboxValue)";