MySQL : Query Syntax error and 2 statements [closed]

Question

I have a problem with my script:

<?php
include('includes/header.php');
include("includes/config.php");
$email = $_GET['email'];
$key = $_GET['key'];
$email = strip_tags($email); 
$email = trim($email);
$key = strip_tags($key); 
$key = trim($key);
$sql = mysql_query("SELECT * FROM confirm WHERE email = '$email' AND key = '$key' 
ORDER BY id ASC LIMIT 1")or die(mysql_error()); 
while($result = mysql_fetch_array($sql))
{ 
$key2 = $result['key']; 
$email2 = $result['email'];  
}
if($key == $key2 && $email == $email2){
$sql = mysql_query("UPDATE users SET user_confirm = 1 WHERE user_mail = '$email2'")or  
die(mysql_error());
$sql = mysql_query("DELETE FROM confirm WHERE email = '$email2'")or die(mysql_error());
echo "Your account have been activated, and is ready to use!";
}else{
echo 'You have entered wrong key or the key is invalid!';
}
include('includes/footer.php');
?>

I get a Syntax error near 'key = (keyvalue here)'

Anyone knows what I have done wrong here?

Answer 1

'key' is a reserved word in MySQL.

Either change your first query to the following (watch the right quotation around the key word)

$sql = mysql_query("SELECT * FROM confirm WHERE email = '$email' AND `key` = '$key' ORDER BY id ASC LIMIT 1")or die(mysql_error()); 

The better solution though would be not to use mysql reserved words. So you could rename the "key" column in your "confirm" table.

Here's a List of MySQL reserved words: http://dev.mysql.com/doc/refman/5.5/en/reserved-words.html

Answer 2

If your column name is "key" that is the problem KEY is an old operator in MySQL 5.1. You can put backticks around the column name to make it work

`key` = 'some value'

Answer 3

Edit your column name as cnf_key and then try by replacing beloow syntex

$sql = mysql_query("SELECT * FROM confirm WHERE email = '$email' AND `cnf_key`= '$key' 
ORDER BY id ASC LIMIT 0,1")or die(mysql_error());