Hello... i got a simple form created: <form action="search.php" method="POST"> <input type="text" name="search" size="55"><br><br> <input type="submit" value="Hladaj_Zastavky" name="Hladaj_Zastavky"> <input type="submit" value="Hladaj_Linky" name="Hladaj_Linky"> <input type="reset" value="Vynulovat_Formular"> </form><br> and the search.php problem part of file looks something like this: if (isset($_POST['Hladaj_Linky'])) { $sparam=$_POST['search']; mysql_connect(localhost,$username,$password); 15: @mysql_select_db($database) or die( "Chyba pri spojeni s databazou!"); 16: $query="SELECT * FROM linky WHERE meno="$sparam" OR trasa="$sparam""; ... The problem is Parse error, syntax error, unexpected T_VARIABLE on line 16... I guess im making some mistake when trying to take value of text field and using it as a search parameter but I dont know how to solve it. Thx for help!
You should use single quotes within your mysql query. Also, your query is insecure, you should be using mysql_real_escape_string on all user inputted data. eg $sparam=mysql_real_escape_string($_POST['search']); Code (markup):