help me,
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''%jateng%' WHERE (`kabupaten` LIKE '%demak%') OR (`kecamatan` LIKE ' at line 1"
<?php
$query = $_GET['query'];
$select = $_GET['select'];
// gets value sent over search form
$min_length = 3;
// you can set minimum length of the query if you want
if(strlen($query) >= $min_length){ // if query length is more or equal minimum length then
$query = htmlspecialchars($query);
// changes characters used in html to their equivalents, for example: < to >
$query = mysql_real_escape_string($query);
// makes sure nobody uses SQL injection
$raw_results = mysql_query("SELECT * FROM '%".$select."%'
WHERE (`kabupaten` LIKE '%".$query."%') OR (`kecamatan` LIKE '%".$query."%')") or die(mysql_error());
// * means that it selects all fields, you can also write: `id`, `title`, `text`
// articles is the name of our table
// '%$query%' is what we're looking for, % means anything, for example if $query is Hello
// it will match "hello", "Hello man", "gogohello", if you want exact match use `title`='$query'
// or if you want to match just full word so "gogohello" is out use '% $query %' ...OR ... '$query %' ... OR ... '% $query'
if(mysql_num_rows($raw_results) > 0){ // if one or more rows are returned do following
while($results = mysql_fetch_array($raw_results)){
// $results = mysql_fetch_array($raw_results) puts data from database into array, while it's valid it does the loop
echo
"<tr><td>".$results['provinsi']."</td>"
."<td>".$results['kabupaten']."</td>"
."<td>".$results['kecamatan']."</td>"
."<td>".$results['desa']."</td>"
."<td>".$results['kodepos']."</tr>";
// posts results gotten from database(title and text) you can also show id ($results['id'])
}
}
else{ // if there is no matching rows do following
echo "No results";
}
}
else{ // if query length is less than minimum
echo "Minimum length is ".$min_length;
}
?>