I've been racking my brain with this problem, and after searching Google and Stack Overflow a hundred times each I've decided to just ask about it outright.
I'm trying to make a page that uses PHP and MySQL to search a database as the user types in a keyword. I've used several tutorials on the subject, and they all appeared upfront and simple, but have not given any prediction for the trouble I've been having.
When I use "SELECT * FROM charlist", it returns all rows, as it should. But when I use "SELECT * FROM charlist WHERE Character ='" . $character . "'", I get the following error:
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '= 'X'' at line 1
X is whatever the user typed in, and blank if nothing is typed in.
What am I doing wrong?
Here is the full code:
<?php
$con = mysqli_connect("xxxx", "xxxxxxxx", "xxxxxxx", "xxxxxxxxxx");
if (!$con)
{
die('Could not connect: ' . mysqli_error($con));
}
$character = $_POST[character];
mysqli_select_db($con, "xxxxxxxx");
$sql = "SELECT * FROM charlist WHERE Character = '" . $character . "'";
$result = mysqli_query($con,$sql);
if (!$result) {
printf("Error: %s
", mysqli_error($con));
exit();
}
echo "<table border='1'>
<tr>
<th>Character</th>
<th>Player</th>
</tr>";
while($row = mysqli_fetch_array($result))
{
echo '<tr style="border-color:#';
echo $row[Color];
echo ';">';
echo '<td style="border-style:solid;border-width:3px;"><a href="';
echo $row[url];
echo '">';
echo $row[Character];
echo '</a></td>';
echo '<td>';
echo $row[Player];
echo'</td>';
echo '</tr>';
}
echo '</table>';
mysqli_close($con);
?>
