dongxiaofa6359 2014-02-06 12:08

Error in my php / sql script?

While trying to create a website on which users can buy and sell stocks, I encountered the following error while trying to implement the "sell" option. Users can type in the symbol of some stock they have, and then the website ought to delete all stocks with that symbol (by means of a POST method). I use the following sql statements in sell.php (the controller):

query("DELETE FROM userstocks WHERE id = ".$_SESSION["id"]." 
                                     AND symbol = ". $_POST["symbol"] ) ;  
query("UPDATE users SET cash = cash + 200 WHERE id = " . $_SESSION["id"]) ;   
render("sellconfirmation.php", ["cash" => $cash]); 

There is something wrong with the DELETE FROM query, though. I get the following error:

Fatal error: Unknown column 'fb' in 'where clause' in /home/jharvard/vhosts/pset7/includes/functions.php on line 139

I think this is strange, because when I manually type in the actual 'fb' stock (as in: AND symbol = 'symbol' ) it all works perfectly well. I want the website to delete the stock based on what the user typed in though.

Question: What's wrong with the DELETE FROM query?


  • duanpao4522 2014-02-06 12:09

    Add quotes to symbol

    query("DELETE FROM userstocks WHERE id = " . $_SESSION["id"] . " 
                       AND symbol = '". $_POST["symbol"]."'" ) ; 
    

    EDIT:

    Also use mysqli_real_escape_string or PDO::quote to secure your string.

    This answer was selected as the best answer by the asker.
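
The EDIT in the answer recommends escaping the string; a bound parameter goes one step further and keeps the value out of the SQL text entirely. The following is an added example, not code from the question or the answer: it assumes PDO with an in-memory SQLite database, and the function names and sample rows are constructed for illustration. It compares the quoted-concatenation query with a prepared statement on the same inputs.

```php
<?php
// Added example: constructed schema and rows in an in-memory SQLite database
// (assumes the pdo_sqlite extension); table and column names follow the question.
function make_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, cash REAL)');
    $db->exec('CREATE TABLE userstocks (id INTEGER, symbol TEXT)');
    $db->exec("INSERT INTO users VALUES (1, 1000), (2, 1000)");
    $db->exec("INSERT INTO userstocks VALUES (1, 'fb'), (1, 'goog'), (2, 'fb')");
    return $db;
}

// The answer's form: quotes added, but the value is still concatenated into the SQL.
function sell_concat(PDO $db, int $userId, string $symbol): int {
    return $db->exec("DELETE FROM userstocks WHERE id = $userId AND symbol = '" . $symbol . "'");
}

// Hardened form: placeholders keep the value out of the SQL text, and the
// cash credit from the question is applied only if a row was actually deleted.
function sell_prepared(PDO $db, int $userId, string $symbol): int {
    $db->beginTransaction();
    try {
        $del = $db->prepare('DELETE FROM userstocks WHERE id = ? AND symbol = ?');
        $del->execute([$userId, $symbol]);
        $sold = $del->rowCount();
        if ($sold > 0) {
            $upd = $db->prepare('UPDATE users SET cash = cash + 200 WHERE id = ?');
            $upd->execute([$userId]);
        }
        $db->commit();
        return $sold;
    } catch (Throwable $e) {
        $db->rollBack();
        throw $e;
    }
}

// Constructed input containing a quote character, as a form field could carry.
$quoted = "x' OR '1'='1";
printf("concat,   'fb':         %d row(s) deleted\n", sell_concat(make_db(), 1, 'fb'));
printf("concat,   quoted input: %d row(s) deleted\n", sell_concat(make_db(), 1, $quoted));
printf("prepared, 'fb':         %d row(s) deleted\n", sell_prepared(make_db(), 1, 'fb'));
printf("prepared, quoted input: %d row(s) deleted\n", sell_prepared(make_db(), 1, $quoted));
```

With the concatenated query, the quote in the input ends the string literal and the rest is parsed as part of the WHERE clause; with the prepared statement the whole value is compared to `symbol` as data.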
