While it is cool to hack around and get things working, I would strongly urge you to have a look at http://php.net/manual/en/security.database.sql-injection.php with regard to how the SQL statements are being generated. Now that you are able to connect and execute the query, have a hard look on how to secure the query.
