-4

I have 2 query's that i want to execute in an HTML table.

Here is my code:

$query= "SELECT Naam , Nummer , Type , Inkoopprijs FROM palenpanelen WHERE Hoogte='" . $hoogtes . "'";
$query.="SELECT Naam, Nummer , Type , Inkoopprijs FROM palenpanelen WHERE Hoogte='" . $benodigdepaal ."'";

/* execute multi query */
if (mysqli_multi_query($conn, $query)) 
    {
        do 
            {
            /* store first result set */
            if ($result = mysqli_store_result($conn)) 
                {
                while ($row = mysqli_fetch_row($result)) 
                    {
                    dump($row);
                    }
                mysqli_free_result($result);
                }
            /* print divider */
            if (mysqli_more_results($conn)) 
            {
                printf("-----------------\n");
            }
            } while (mysqli_next_result($conn));
        die;
    }else{echo mysqli_errno($conn);}

Now it puts an error on my screen: 1064 i searched on the internet but could not find an solution. Thanks.

snakepyro
  • 45
  • 1
  • 7
  • 1
    Please show the full message. I don't see a separator between your 2 queries? They need to be separated by a `;` – Jonnix Jan 22 '19 at 13:44
  • @JonStirling There is no message it only shows 1064, and what do you mean with seperators? – snakepyro Jan 22 '19 at 13:46
  • try to add a semicolon at the end of the first query `$query= "SELECT Naam , Nummer , Type , Inkoopprijs FROM palenpanelen WHERE Hoogte='" . $hoogtes . "'; "; $query.="SELECT Naam, Nummer , Type , Inkoopprijs FROM palenpanelen WHERE Hoogte='" . $benodigdepaal ."'"; ` – Sim1-81 Jan 22 '19 at 13:48
  • 2
    Of course it shows only the error number, when you use `mysqli_errno` … output what `mysqli_error` has to say as well! – misorude Jan 22 '19 at 13:48
  • Read the [documentation](http://php.net/manual/en/mysqli.multi-query.php) for further info – Jonnix Jan 22 '19 at 13:49
  • @Sim1-81 than it shows this error: Uncaught Error: Call to undefined function dump() – snakepyro Jan 22 '19 at 13:50
  • Because you're using a function that isn't available to you, so don't use it :P. At least that shows (assuming you're not using dump elsewhere) you're getting into the loop which means you're now getting data. – Jonnix Jan 22 '19 at 13:52
  • you can find more info here, https://www.w3schools.com/php/func_mysqli_multi_query.asp the semicolon between queries is mandatory – Sim1-81 Jan 22 '19 at 13:55
  • @JonStirling Thanks the error message now says that i have have an error in my SQL syntax; – snakepyro Jan 22 '19 at 13:55
  • That's confusing. IF you got to the `dump` line, the SQL has already run. What is the error? – Jonnix Jan 22 '19 at 13:58
  • [Little Bobby](http://bobby-tables.com/) says ***[your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)*** Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! – Jay Blanchard Jan 22 '19 at 14:00
  • @JonStirling if i do echo $row['Naam'] it shows this error: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'SELECT Naam, Nummer , Type , Inkoopprijs FROM palenpanelen WHERE Hoogte='1100'' at line 1 – snakepyro Jan 22 '19 at 14:03
  • Have you added the `;`? – Jonnix Jan 22 '19 at 14:11
  • @JonStirling yes it now prints the 'printf("------------") – snakepyro Jan 22 '19 at 14:13
  • @JonStirling it says that the names after SELECT are undifined – snakepyro Jan 22 '19 at 14:16
  • Sorry, that makes no sense. I believe the original question has been resolved. If you have further issues it might be worth asking a new question. – Jonnix Jan 22 '19 at 14:18
  • @JonStirling yes i understand, Thanks for your time :) – snakepyro Jan 22 '19 at 14:19

1 Answers1

0

Why do you use two queries even if their select parameters and where condition are the same. You can write your code like below

$query= "SELECT Naam , Nummer , Type , Inkoopprijs FROM palenpanelen 
WHERE Hoogte='" . $hoogtes . "' or Hoogte='" . $benodigdepaal ."'";

$results = mysqli_query($query);

while($result = mysqli_fetch_assoc($results)) {
    // your code
}

Also don't forget to prevent injections with prepare statement.

guneraykut
  • 181
  • 14