PHP PDO Syntax error or access violation: 1064 on insert [duplicate]

Question

I have a table name boards, and I'm trying to insert data using the current code

function createBoard( $name, $desc  ) {
    try {
        $sth = $this->getLink()->prepare( "INSERT INTO boards(id,memberid,name,desc,datecreated,isactive) 
            VALUES(?,?,?,?,?,?)" );

        $uuid = $this->uuid();
        $memberid = 1;
        $date = Utils::getDate();
        $isactive = 1;

        $sth->bindParam( 1, $uuid );
        $sth->bindParam( 2, $memberid );
        $sth->bindParam( 3, $name );
        $sth->bindParam( 4, $desc );
        $sth->bindParam( 5, $date );
        $sth->bindParam( 6, $isactive );
        return $sth->execute();
    } catch( PDOException $e ) { 
        /*
         * save the error to the error log defined as @ERROR_LOG
         */ 
        file_put_contents( ERROR_LOG, ( "\n" . Utils::getDate() . " : " . $e->getMessage() ), FILE_APPEND);  
        die( "FATAL ERROR...Please check the error log." );
    }
}

However, every time I get this error "2012-05-11 14:40:50 : SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc,datecreated,isactive) VALUES('d5989c7e-9b98-11e1-88cd-0026b936528c','1' at line 1"

I have tried the same function using bindValue() and just putting the array with direct values into the $sth->execute() function but I always receive the same error. Maybe an outside eye can spot something I'm missing or doing wrong?

Answer 1

Encapsulate your field names in backticks (`), desc is a reserved word.

$sth = $this->getLink()->prepare( "INSERT INTO `boards` (`id`,`memberid`,`name`,`desc`,`datecreated`,`isactive`) 
            VALUES(?,?,?,?,?,?)" );