MYSQL PHP脚本抛出语法错误

Question

Here is a small sample of code that is giving me a MySQL Syntax Error. Connect.php is connecting to the correct database and can be used with other projects and code. I know as a fact that the code in connect.php is correct. It is giving me a MySQL Syntax Error about. It doesn't give any more detail than this:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'keys WHERE key ='xxxxxxxxxxxx'' at line 1

I pulled this small sample of code from the main project and it still throws the error.

<?php
    require "connect.php";          
    $keyCheck = mysql_query("SELECT * FROM keys WHERE `key`='".$_POST['betakey']."'" , $con);

    if (!$keyCheck) {
        echo mysql_error();
        exit;
    } else {
        $keyRows = mysql_num_rows($keyCheck);
    if ($keyRows == 0) {
        echo "This key is invalid!";
        exit;
    }
?>

EDIT: I got the admin to rename the table and you guys helped me fix some potential security hazards.

Answer 1

I'm fairly sure keys is a reserved word. In any case, you should always enclose database, table and column names in backticks. Not just "sometimes" as you have in this example. Always.

Source .