Why does this return error?

[rswildy]

<?php	// Connects to your Database 	mysql_connect("localhost", "....", "....") or die(mysql_error()); 	mysql_select_db("rswildy") or die(mysql_error());	function InsertToDB($id, $name, $desc)	{			mysql_query("INSERT INTO ids_items 			(id, name, desc) VALUES('".$id."', '".$name."', '".$desc."') ") 			or die(mysql_error()); 	}	$lines = file( 'http://www.lukesrealm.co.uk/lists/317/ALL%20ITEMS.txt' );	foreach ( $lines as $line ) {		$amount++;		$done = list( $id, $name, $desc ) = preg_split( '/ - /', $line );		InsertToDB($done[0], $done[1], $done[2]);		echo $amount."<br />\n";	}?>

error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc) VALUES('0', 'Dwarf remains', 'The body of a Dwarf savaged by Goblins. ')' at line 2

[Synook]

"desc" is a reserved keyword in MySQL (as in "ORDER BY column DESC"). Call your column something else (putting the name as such: `desc` may also fix it).

[rswildy]

new error.

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's notes', 'Construction notes for Dwarf cannon ammo. ')' at line 2

it adds the first 3 from the list theres 7,8k to add. how can i avoid the errors like this?

[Synook]

Use mysql_real_escape_string() to escape the '

	function InsertToDB($id, $name, $desc)	{			$id = mysql_real_escape_string($id);			$name = mysql_real_escape_string($name);			$desc = mysql_real_escape_string($desc);			mysql_query("INSERT INTO ids_items			(id, name, desc) VALUES('".$id."', '".$name."', '".$desc."') ")			or die(mysql_error());	}

(don't forget to change the INSERT to solve the initial problem)