Geek Answers Handbook

Unknown column, error

Can someone help me with this error that I get, I cannot find the problem. I know that my code is crap, and that I have to use PDO.

I am trying to make a deal script for my game, this is the page on which the user accepts or rejects the deal, I have not yet tried to add a reduction function. I am currently getting this error.

Unknown post 'nick' in 'field list'

<?php if ($_POST['A'] == '1' ) { $token= mysql_real_escape_string($_POST['token']); $tokenn = strip_tags($token); $sql234 = "SELECT * FROM trade WHERE trade_to='".$_SESSION['username']."'"; $result2 = mysql_query("SELECT * FROM trade WHERE trade_to='".$_SESSION['username']."'"); while($row2 = mysql_fetch_array($result2)){ $sql23 = "SELECT * FROM users WHERE username='".$_SESSION['username']."')"; $result = mysql_query("SELECT * FROM users WHERE username='".$_SESSION['username']."'"); while($row = mysql_fetch_array($result)){ if (isset($_POST['slot1'])) { echo "<p>You have accepted the trade.</p>" ; mysql_query("UPDATE user_pokemon SET belongsto=".$row2['trade_to']." WHERE id='".$row2['trade_pokeid']."'") or die(mysql_error()); mysql_query("UPDATE user_pokemon SET belongsto=".$row2['trade_from']." WHERE id='".$row2['trade_mypokeid']."'") or die(mysql_error()); mysql_query("DELETE FROM trade WHERE trade_id=".$row2['trade_id']."") or die(mysql_error()); } else { } } } } ?> <?php $result = mysql_query("SELECT * FROM trade WHERE trade_to='".$_SESSION['username']."'"); while($row = mysql_fetch_array($result)) { $idd= mysql_real_escape_string($row['trade_id']); $iddd = strip_tags($idd); ?> </span> <form name="slot1" action="" method="post"> <div align="center"> <p> <span> <select name="A" id="" > <option value="1">Buy</option> </select> <input type="hidden" name="token" id="token" value="<?php echo $iddd ; ?>" /> <br /> <input type="submit" class="submit" value="Accept" name="slot1"> </span></p> </div> </form> <span> <?php echo $row ['trade_id']; } ?> </span> </p> </div> </center> </td> <?php include 'includes/bottom.php'; ?>

Any adpp would be greatly appreciated :)

+4
source share
1 answer

In this line:

  mysql_query("UPDATE user_pokemon SET belongsto=".$row2['trade_from']." WHERE id='".$row2['trade_mypokeid']."'")

you forgot to specify the first parameter:

  mysql_query("UPDATE user_pokemon SET belongsto='".$row2['trade_from']."' WHERE id='".$row2['trade_mypokeid']."'")

The same error occurs in the following two mysql_query in the code.

You know this, but I’ll say it anyway: use PDO or mysqli . At the very least, sanitize all your data with mysql_real_escape_string , as you did at the beginning of your code.

  mysql_query("UPDATE user_pokemon SET belongsto='".mysql_real_escape_string($row2['trade_from'])."' WHERE id='".mysql_real_escape_string($row2['trade_mypokeid'])."'")

I just say this because it will help you in the long run that everything

+4
source

More articles:


All Articles