Untitled

<?php
$as1 = $_POST['as1'];

  $ids2 = $_POST['ids'];
  $ids3 = $_POST['id'];

$img = $_POST['img'];
$lvl = $_POST['lvl'];
$name = $_POST['name'];
$def = $_POST['def'];
$str = $_POST['str'];
$box = $_POST['box'];

$imgh = $array['helm'];
$defh = $array['defh'];
$strh = $array['strh'];
$lvlh = $array['lvlh'];


if ($as1=='Helm') {
$query2 = "INSERT INTO inventory (img, name,typ,def,str,ids,lvl,box )
							  VALUES ( '$imgh','$imgh','$as1','$defh','$strh','$ids2','$lvlh','0' )";
					$result2 = mysql_query($query2) or die(mysql_error());;
$result = mysql_query("UPDATE users SET helm= '$name' WHERE login='$login'");
$result = mysql_query("UPDATE users SET defh= '$def' WHERE login='$login'");
$result = mysql_query("UPDATE users SET strh= '$str' WHERE login='$login'");
$result = mysql_query("UPDATE users SET lvlh= '$lvl' WHERE login='$login'");


$del = mysql_query("DELETE FROM inventory  WHERE id='$ids3'");<?

База данных
<?php
session_start();
$login = $_SESSION['login'];

$password = $_SESSION['password'];
$id_user = $_SESSION['id'];
$result = mysql_query("SELECT * FROM users WHERE login='$login'");
$array = mysql_fetch_array($result);

$result2 = mysql_query("SELECT * FROM boxofluck  WHERE lvl='1' order by rand()");
$drop1 = mysql_fetch_array($result2);

$result3 = mysql_query("SELECT * FROM boxofluck  WHERE lvl='2' order by rand()");
$drop2 = mysql_fetch_array($result3);

$result4 = mysql_query("SELECT * FROM boxofluck  WHERE lvl='3' order by rand()");
$drop3 = mysql_fetch_array($result4);

$wep = $array['stra']+$array['strh']+$array['strg']+$array['strp']+$array['strb']+$array['strsh']+$array['strs']+$array['strw'];
$defs = $array['defa']+$array['defh']+$array['defg']+$array['defp']+$array['defb']+$array['defsh']+$array['defw'];


Выборка вещей
$query = "SELECT * FROM `inventory`  WHERE ids='$id_user' AND box='1' ";

 $res = mysql_query($query);

 while( $item = mysql_fetch_array($res,MYSQL_ASSOC) )

 {