php - help me about search to database

Question

I will do where I can search in my database

Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in

My codes

require_once ('.. / config.php');
$ conn = mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) or die (mysql_error ());
mysql_select_db ("DB_DATABASE", $ conn);
$ search = $ _POST ['search'];
$ sql = mysql_query ("select * from opi where model numbers like '% $ search%' or name like '% $ search%'", $ conn);
while ($ row = mysql_fetch_array ($ sql))**strong text**
{
echo "<tr>";

           echo "<td width='60px' height='10px' valign='top' align='left' class='borderdb'>". $ row ['number']. "</ td>";
       echo "</ tr>";
    }

Answer 1

<?php
$conn = mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) or die (mysql_error ());
mysql_select_db ("DB_DATABASE", $conn);
$search = $_POST ['search'];
$sql = mysql_query ("select * from opi where `model numbers` like '%$search%' or `name` like '%$search%'" ,$conn);
while ($row = mysql_fetch_array ($sql))
{
echo "<tr>";

           echo "<td width='60px' height='10px' valign='top' align='left' class='borderdb'>". $row ['number']. "</ td>";
       echo "</ tr>";
    }
?>

1. Shouldn't be any spaces between dollar sign and php variable name.
2. If your column name has space in it, enclose your column names properly
3. Do NOT use mysql_* function. they're deprecated and no longer maintained. Use Mysqli or PDO.
4. You're SQL statement has SQL injection. use mysql_real_escape_string or PDO.