Pencarian dropdown PHP MySQL

<?php
//HTML FORM:
  echo `
    <form action='search4.php' method='POST' name='form_filter'>    
        <b>Search</b><br>
        <select name="selectVal">
            <option value="category">category</option>
            <option value="location">Country, state or zipcode</option>
        </select>
        <input type='text' name='search' placeholder='Enter text here...' size='50'><br>
        <input type='submit' value='Send'>  
    </form>  
  `;
  
// FORM PROCESSING:

    // database connection
    $db_host        = "myhost";
    $db_user        = "myuser";
    $db_password    = "mypsw";
    $db_name        = "myname";

    //connecting to database

    $db             = mysql_connect($db_host, $db_user, $db_password) or die ('Error - connection failed');
    mysql_select_db($db_name, $db) or die ('Database selection error');

    /*********************************************/
    /***WHY DO YOU NEED THIS RESEARCH VARIABLE?***/
    /*****WHAT IS ITS PURPOSE IN THIS SCRIPT?*****/
    /*********************************************/
    //GET CLEAN VERSIONS OF ALL NECESSARY VARIABLES:
    $search         = isset($_POST['search'])       ? htmlspecialchars(trim($_POST['search']))      : null;
    $catLocation    = isset($_POST['selectVal'])    ? htmlspecialchars(trim($_POST['selectVal']))   : null;
    $query          = "SELECT * FROM table_name WHERE ";

    //YOU INDICATED YOU'D NEED TO RUN THE SEARCH-QUERY IF THE SEARCH-TERM AND SEARCH-SCOPE ARE DEFINED IE: NOT NULL; HOWEVER IF THE SEARCH TERM IS NOT GIVEN, YOU SELECT EVERYTHING IN THAT TABLE... (BAD PRACTICE, THOUGH)
    if($catLocation){
        if($search){
            if($catLocation == "category"){
                $query .= " category LIKE '%" . $search . "%'";
            }else if($catLocation == "location"){
                $query .=  " country LIKE '%" . $search . "%' OR zip_code LIKE '%" . $search . "%' OR state LIKE '%" . $search . "%'";
            }
        }else{
            $query .= "1";            
        }

        $sql        = mysql_query($query);
        //HERE AGAIN WAS AN ERROR... YOU PASSED mysql_fetch_array A STRING $query INSTEAD OF A RESOURCE: $sql
        while ($row = mysql_fetch_array($sql)){
            $Id         = $row["Id"];
            $country    = $row["country"];
            $category   = $row["category"];
            $name       = $row['name'];
            $zip_code   = $row['zip_code'];
            $state      = $row['state'];

            echo "Name: $name<br>";
            echo "Zip_code : $zip_code<br>";
            echo "State : $state<br>";
            echo "Country: $country<br>";
            echo "Category: $category<hr>";
        }

    }
?>
Bathila