PHP List based on Form Selection: MDB2 Error: syntax error

Question

I'm creating a table that outputs a list of country details based on a form selection but I keep getting this error: MDB2 Error: syntax error. How can I fix this type of error?

Here is my code:

<?php
    $db =& MDB2::connect($dsn); 
    if(PEAR::isError($db)){ 
        die($db->getMessage());
    }
    $table_name="country";
    $db->setFetchMode(MDB2_FETCHMODE_ASSOC);

    $country_id = mysql_real_escape_string($_GET["country_id"]);

    // collect values from a form sent with method=get
    $gdp = mysql_real_escape_string($_GET["gdp"]);
    $population = mysql_real_escape_string($_GET["population"]);
    $country_name = mysql_real_escape_string($_GET["country_name"]);
    $gold = mysql_real_escape_string($_GET["gold"]);
    $bronze = mysql_real_escape_string($_GET["bronze"]);
    $silver = mysql_real_escape_string($_GET["silver"]);
    $total = mysql_real_escape_string($_GET["total"]);

    $sql = "SELECT * FROM $country WHERE country_id='$country_id'";

    $res =& $db->query($sql);      //MDB2 Error: syntax error

    if (PEAR::isError($res)) {
        die($res->getMessage());    //error printed here
    }
?>

Answer 1

In your line "SELECT * FROM $country WHERE country_id='$country_id'", the variable $country is not defined, so it will render as e.g. "SELECT * FROM WHERE country_id='1'", hence the SQL error.

It looks like you meant $table_name, which has the value 'country'.

Since that appears to be defined just a few lines up, it would probably make more sense to just write it in the SQL statement directly, rather than having a variable, but maybe you have plans for that variable later...