The error is because the value you are putting into the sql query statement contains an sql special character, e.g. the ', which is breaking the sql query syntax. This is also how sql injection is accomplished.
The solution is to use a prepared query, with a ? place-holder in the sql query statement, then supply the value when the query gets executed. Unfortunately, the php mysqli database extension is overly complicated and inconsistent when dealing with prepared queries. This would be a good time to switch to the much simpler and more modern PDO database extension.
As to the posted code/query. If the tipus_xocolata table is where the chocolate types are defined, there is only one row per chocolate type and the DINSTINCT keyword is not needed. Since this query only involves one table, there's no point in prepending the table name to each column. This is just unnecessary typing. Selecting the same column more than once doesn't do anything (you will only get the last occurrence of the value when fetching the data as an associative array) and isn't necessary, since you can reuse fetched column value as many times as you want. Also, this table should have an id column, which is an auto-increment primary index. You would use this id as the get parameter in any link, when storing related data, or performing a search within related data. lastly, I'm pretty sure it has been posted in more than one of the help forums you have been posting in, this not the intended way of using printf(). The place-holders/replacement-parameters in the overall-string being built should only be for the dynamic values. Edit: which I see you have now changed in the edited code.