Are $keyword and $english defined? (you're using not the string 'english' but the variable $english!) and are you sure the SQL field is called language
s? (since you seem to compare it with just one language at a time).
Anyway, if $lang is litterally this:
[text]'Finnish' OR languages='Italian' OR languages='German'[/text]
Then this query: (note the absence of quotes here)
Code: Select all
$query = "SELECT * FROM `engines` WHERE (languages=$lang) ORDER BY hits DESC";
Would evaluate to:
[text]SELECT * FROM `engines` WHERE (languages='Finnish' OR languages='Italian' OR languages='German') ORDER BY hits DESC";[/text]
Which is probably what you need?
This is a REAL bad, risky, error-prone, badly maintainable, vulnerable, crappy approach though
I'd highly recommend doing something like this instead: (more code, less headache)
Code: Select all
$languages = array('English','German','French');
$lang = array();
foreach($languages as $s) $lang[] = "languages='".mysql_real_escape_string($s)."'";
$lang = implode(' OR ',$lang);
$query = "SELECT * FROM `engines` WHERE ($lang) ORDER BY hits DESC";