
Passing variables from php to mysql query and displaying

Can anyone tell me how to pass the PHP values $value_aid and $value_tradeid to my SQL query res3, please?

<?php
//error_reporting(E_ALL);

///////////////////////Connect to the database and close the connection when finished///////////////////////////////

include ("dbconnect.php");

///////////////////////////////// Gather and Display area_id //////////////////////////////

$res=mysql_query("SELECT area_id FROM pc_test WHERE postcodes = '".$_POST['postcode']."'");
while ($row = mysql_fetch_array($res))
{
// This works !!
//echo("$row[area_id]");
$value_aid="$row[area_id]";
echo("$value_aid");
}

////////////////// Gather and Display postcodes relating to area_id ////////////////////////

$res3=mysql_query("SELECT trade_id FROM trade WHERE trade_type = '".$_POST['trade_type']."'");
while ($row3 = mysql_fetch_array($res3))
{
// And this works !!
echo("\n$row3[trade_id]");
$value_tradeid="$row3[trade_id]";
}

/**************************************** Gather the query information ********************************************/

//************!!!!!!!!!!!!!!!!  This part does not work as the variable values are not being passed !!!!!!!!!!!**********//

$res2=mysql_query("SELECT first_name, last_name, phone_mobile, postcode, trade_type FROM customer WHERE area_id = '$value_aid' && trade_id = '$value_tradeid'");

/**************************************** DISPLAY QUERY RESULTS HERE *********************************************/
while ($row2 = mysql_fetch_array($res2))
{
// Each <strong> is closed and the header cell sits inside a <TR>, so the table renders correctly
echo("<TABLE align='center' border = '1' bgcolor = 'A7E3F6'><TR><TH><strong>SEARCH RESULTS</strong></TH></TR>");
echo("<TR><TD><strong>Name :</strong>\n$row2[first_name]\n$row2[last_name]</TD></TR>");
echo("<TR><TD><strong>Phone :</strong>\n$row2[phone_mobile]</TD></TR>");
echo("<TR><TD><strong>Postcode :</strong>\n$row2[postcode]</TD></TR>");
echo("<TR><TD><strong>Trade Type :</strong>\n$row2[trade_type]</TD></TR></TABLE>");
}

/*********************** If no matching records in my table...DISPLAY MESSAGE HERE ******************************/

if (mysql_num_rows($res2) == 0) {

echo ("<strong><br><br>No one is advertising for this area just yet, sorry.<br>We will have tradesmen advertising here very soon.</strong>");
}

//include ("db_close.php");

?>


First of all, don't pass variables you get from the user (_POST, _GET, ...) directly into database queries without escaping them (e.g. mysql_real_escape_string($_POST['name'])); this leads to massive security problems (SQL injection).

To assign a variable the value of another variable you simply use:

$value_tradeid = $row['trade_id'];

Variables don't need to be encapsulated as strings, but array keys should be!

On the queries which don't work, why don't you escape the strings, like you have done in the others above?

$res2=mysql_query("SELECT first_name, last_name, phone_mobile, postcode, trade_type FROM customer WHERE area_id = '".$value_aid."' && trade_id = '".$value_tradeid."'");

you should also read about PDO and Prepared Statements.
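The answer above recommends PDO and prepared statements; the following is an added example (not the asker's or the answerer's code) that rewrites the three lookups from the question that way. It assumes dbconnect.php defines $pdo as a PDO instance connected to the same database (the original used the mysql_* extension, which was removed in PHP 7.0), and it keeps the table and column names from the question. With bound parameters the two looked-up values reach the final query as plain variables, with no quoting or concatenation, and user input can never change the SQL text.

```php
<?php
// Added example, not the original poster's or answerer's code: the same three
// lookups rewritten with PDO prepared statements. Assumes dbconnect.php defines
// $pdo as a connected PDO instance (an assumption; the question used mysql_connect).
declare(strict_types=1);

require 'dbconnect.php';
/** @var PDO $pdo */
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); // real server-side prepares

$postcode  = $_POST['postcode']   ?? '';
$tradeType = $_POST['trade_type'] ?? '';

// 1. area_id for the submitted postcode. The value travels as a bound parameter,
//    so a quote or comment sequence inside it cannot alter the query.
$stmt = $pdo->prepare('SELECT area_id FROM pc_test WHERE postcodes = :postcode');
$stmt->execute([':postcode' => $postcode]);
$value_aid = $stmt->fetchColumn();        // false when no row matched

// 2. trade_id for the submitted trade type.
$stmt = $pdo->prepare('SELECT trade_id FROM trade WHERE trade_type = :trade_type');
$stmt->execute([':trade_type' => $tradeType]);
$value_tradeid = $stmt->fetchColumn();

// 3. The query the question could not get working: the two looked-up values are
//    ordinary PHP variables and are bound exactly like the POST values were.
$rows = [];
if ($value_aid !== false && $value_tradeid !== false) {
    $stmt = $pdo->prepare(
        'SELECT first_name, last_name, phone_mobile, postcode, trade_type
           FROM customer
          WHERE area_id = :area_id AND trade_id = :trade_id'
    );
    $stmt->execute([':area_id' => $value_aid, ':trade_id' => $value_tradeid]);
    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Output: HTML-encode every database value before echoing it into the page.
$h = static fn(?string $s): string => htmlspecialchars((string) $s, ENT_QUOTES, 'UTF-8');

if ($rows === []) {
    echo '<strong><br><br>No one is advertising for this area just yet, sorry.'
       . '<br>We will have tradesmen advertising here very soon.</strong>';
}
foreach ($rows as $r) {
    echo "<table align='center' border='1' bgcolor='A7E3F6'>"
       . '<tr><th><strong>SEARCH RESULTS</strong></th></tr>'
       . '<tr><td><strong>Name :</strong> ' . $h($r['first_name']) . ' ' . $h($r['last_name']) . '</td></tr>'
       . '<tr><td><strong>Phone :</strong> ' . $h($r['phone_mobile']) . '</td></tr>'
       . '<tr><td><strong>Postcode :</strong> ' . $h($r['postcode']) . '</td></tr>'
       . '<tr><td><strong>Trade Type :</strong> ' . $h($r['trade_type']) . '</td></tr>'
       . '</table>';
}
```

Two points worth noting. fetchColumn() returns false when the lookup finds nothing, so the final query is skipped instead of running with an empty area_id and trade_id; checking that explicitly is what makes the "no results" message reliable. The three statements could also be collapsed into one query that joins pc_test, trade and customer, which removes the need to pass the intermediate values at all. The htmlspecialchars() call on output is a separate habit from parameterising input: values stored in the database are still untrusted once they are echoed into HTML.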
