Hi this is line 64 to 72 of a page ( for editing articles) else if (isset($_POST['save'])){ $id=$_POST['id']; $title=$_POST['title']; $text=$_POST['text']; $section=$_POST['section']; $order=$_POST['order']; $query = "UPDATE articles SET title='$title', text='$text', section='$section', order='$order' WHERE id='$id'"; $result=mysql_query($query); if($result){ echo 'success';} else {echo mysql_error().': '.$query;} } PHP: But it says: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order='0' WHERE id='68'' at line 1: UPDATE articles SET title='edited title', text='edited article', section='0', order='0' WHERE id='68' what can I do?
Order is a reserved keyword. Place backticks around it so MySQL recognizes it as fieldname. "... `order`='$order' ..." PHP: And you really really should have a look at this page. www.php.net/mysql_real_escape_string