Can Mysqli_query() calls be nested?

Question

I am trying to implement the following code. What I want is to fetch the product id with column name prod_id from the table cart_details and then fetch the details for that product id with column name prod_id from the table products. But this code is not returning anything. Does this means that mysqli_query() calls cannot be nested?

<?php
$cart_id=$_POST['q'];
include "connection.php";
$cart_id=mysqli_real_escape_string($link,$cart_id);
$query="select product_id from cart_details where cart_id = $cart_id";
$result=mysqli_query($link,$query) or die(mysqli_error($link));
if($result)
{
    while($row=mysqli_fetch_array($result))
    {
        $prod_id = $row['product_id'];
        $prodDetail = "Select  * from products where prod_id = $prod_id";
        $prodResult = mysqli_query($link,$prodDetails) or die(mysqli_error($link));
        if(!$prodResult){
            echo "There was an error in fetching the product with product ID ".$prod_id;
        }
        else{
            if(mysqli_num_rows($prodResult)==0)
            {
                echo "There is no item in this cart";
            }
            else{
                while($prod=mysqli_fetch_array($prodResult)){
                $prod_name=$prod['prod_name'];
                $prod_price=$prod['prod_price'];
                echo "<tr><td>".$prod_id."</td>";
                echo "<td>".$prod_name."</td>";
                echo "<td>".$prod_price."</td></tr>";
            }

            }
        }
    }

}
else{
    echo "Query Failed";
}
?>

No, it does not mean that. It means something is returning an error or no results. — , Nov 02 '14 at 07:23
While they can be nested like this, it's often the wrong way to write it. You should combine the two queries into a single join. — Barmar, Nov 02 '14 at 07:25
Your code refers to `$row['product_id']`, but according to the text of your question, the column is called `prod_id`. Could that be the issue? — Mureinik, Nov 02 '14 at 07:25
Your `else` statements are wrong. When `$result` or `$prodresult` is false, it means you got an error. If there was nothing in the cart, the query would succeed, but `mysqli_num_rows` would return 0. — Barmar, Nov 02 '14 at 07:27
@Mureinik No. `product_id` is a column in `cart_details` and `prod_id` is a column in `products` — user3736335, Nov 02 '14 at 07:27
My point is still valid. You print `There is no item in this cart` when the first query fails. But that's not what it means when a query fails. — Barmar, Nov 02 '14 at 07:30
@user3736335 Your question still seems to have incorrect column names. It says "fetch the prod_id from the table cart_details" — Barmar, Nov 02 '14 at 07:31
@Barmar That should not stop the query from returning anything. I can change that echo statement to say something like `Query Failed`, but that should not make any difference, as long as I am in development environment. I have edited my que statement for better clarity. Please recheck. — user3736335, Nov 02 '14 at 07:33
Your code is vulnerable to SQL injections; you should read on [how to prevent them](http://stackoverflow.com/q/60174/53114). — Gumbo, Nov 02 '14 at 07:37
I never said it was causing your problem. It was just a comment. The fact that your code says that implies that you have a misunderstanding about how these functions work, I was trying to teach you. — Barmar, Nov 02 '14 at 07:37
@Arif_suhail_123 `error_reporting` won't report SQL errors. They're only shown with `echo mysqli_error($link)`. — Barmar, Nov 02 '14 at 07:40
@Arif_suhail_123 Please make your last comment an answer. I changed `if($result)` to `if($result && mysqli_num_rows($result)!=0)`. It returned the echo statement written in the `else()` clause. The `$cart_id` was not matching. Thanks — user3736335, Nov 02 '14 at 07:49
I edited my question to move `$cart_id=mysqli_real_escape_string($link,$cart_id);` after include `"connection.php";` before you posted the answer. — user3736335, Nov 02 '14 at 07:56

arif_suhail_123 · Accepted Answer · 2014-11-02T07:59:18.900

0

Check in your this

$query="select product_id from cart_details where cart_id = $cart_id";

That how many rows you are returning.

You can achieve this by changing this line if($result)

To this

if($result && mysqli_num_rows($result)!=0)

Note mysqli does not automatically secure your applicattion. use bindparam

edited Nov 02 '14 at 07:59

answered Nov 02 '14 at 07:53

arif_suhail_123

2,509
2
12
16

Can Mysqli_query() calls be nested?

1 Answers1