Where is the SQL syntax error in this query?

mysqli_error() clearly states:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'group, uploaded_by, date_uploaded, url) VALUES (1, 1, NOW(), '/gallery/1/h' at line 2

But this is the generated SQL query

INSERT INTO
gallery_images (group, upload开发者_JAVA百科ed_by, date_uploaded, url)
VALUES (1, 1, NOW(), '/gallery/1/halflife2180z97stmydo1600x1200.jpg')

It's practically identical to another SQL query I have running on the same site, without errors.

I would understand if I'm trying to insert an invalid value into a field in MySQL, but it clearly states that I have a syntax error, and I just can't see it.

Reply if you can see it. Below is the PHP behind the query

$res = $con->query("
        INSERT INTO
        gallery_images (group, uploaded_by, date_uploaded, url)
        VALUES ($group, {$_SESSION[user]->id}, NOW(), '$escaped_name')
    ");

group is a reserved keyword. Put backticks around it.

$res = $con->query("
        INSERT INTO
        gallery_images (`group`, uploaded_by, date_uploaded, url)
        VALUES ($group, {$_SESSION[user]->id}, NOW(), '$escaped_name')
    ");

Group is a reserved keyword, change that column name.

http://dev.mysql.com/doc/refman/5.0/en/group-by-functions.html

group is reserved MySQL keyword, you cannot use it like that. Surround it with backtick `group ` (the symbol near 1 key)

gallery_images (group, uploaded_by, date_uploaded, url)

group is keyword

$res = $con->query("
        INSERT INTO
        gallery_images (`group`, `uploaded_by`, `date_uploaded`, `url`)
        VALUES ($group, {$_SESSION[user]->id}, NOW(), '$escaped_name')
    ");

Should do it.

group is a reserved word in MySQL. You might have to put it in quotes:

INSERT INTO
gallery_images (`group`, uploaded_by, date_uploaded, url)
VALUES (1, 1, NOW(), '/gallery/1/halflife2180z97stmydo1600x1200.jpg')