how to execute different sql query in non-sanitized $wpdb->get_results function

if $wpdb->get_results is not sanitized by core code, why we can’t execute different SQL query in it?

Because the wpdb class uses (see wpdb::_do_query() ) mysqli_query() (by default) or mysql_query(), and unfortunately these functions do not support multiple queries such as SELECT <query>; INSERT <query>; SELECT <query>.

Therefore, if you want to execute multiple SQL queries using wpdb, you would need to execute each query individually like so:

// You cannot do this:
// And I mean, regardless the query is escaped/safe or not, this won't work.
$results = $wpdb->get_results( "SELECT <query>; INSERT <query>; SELECT <query>" ); // doesn't work

// But you can do this:
$results = $wpdb->get_results( "SELECT <query>" );
$rows = $wpdb->query( "INSERT <query>" ); // this works, but you should use $wpdb->insert(), though
$results = $wpdb->get_results( "SELECT <query>" );

And in reply to your comment:

get_results function not working when you give multiple SQL queries after semicolon ; and also adding backslashes after quotes ', "

About that “semicolon ;” (e.g. as in DELETE <query>; SELECT <query>), yes you’re correct.

And about that “adding backslashes”, yes, you’re also correct, but the better/preferred way is to use wpdb::prepare() to prepare the SQL query for safe execution.

// We used the same query, but different data.

// Query 1: Not escaped, but data is good, so no errors thrown.
$value=""Foo""; // intentionally not escaped
$results = $wpdb->get_results( "SELECT ID, post_title FROM $wpdb->posts WHERE post_title="{$value}" LIMIT 2" );
// Generated SQL: SELECT ID, post_title FROM wp_posts WHERE post_title=""Foo"" LIMIT 2

// Query 2: Not escaped, data is bad, thus results in a syntax error!
$value = "'Foo'"; // intentionally not escaped
$results = $wpdb->get_results( "SELECT ID, post_title FROM $wpdb->posts WHERE post_title="{$value}" LIMIT 2" );
// Generated SQL: SELECT ID, post_title FROM wp_posts WHERE post_title=""Foo'' LIMIT 2

// Query 3: Works good - data escaped manually, and no errors thrown.
$value="\"Foo\''; // backslashes added manually
$results = $wpdb->get_results( "SELECT ID, post_title FROM $wpdb->posts WHERE post_title="{$value}" LIMIT 2" );
// Generated SQL: SELECT ID, post_title FROM wp_posts WHERE post_title="\"Foo\'' LIMIT 2

// Query 4: Works good - data not escaped, but wpdb::prepare() is used, so no errors thrown.
$value = "'Foo'"; // intentionally not escaped
// But then, this query uses wpdb::prepare().
$results = $wpdb->get_results( $wpdb->prepare( "SELECT ID, post_title FROM $wpdb->posts WHERE post_title = %s LIMIT 2", $value ) );
// Generated SQL: SELECT ID, post_title FROM wp_posts WHERE post_title="\"Foo\'' LIMIT 2

Notes

  1. wpdb uses mysql_query() if the MySQLi functions are not available or if the WordPress constant named WP_USE_EXT_MYSQL is defined.

  2. MySQLi has support for multiple statements using mysqli_multi_query(), but (as of writing), wpdb does not use that function.

Related Posts:

  1. How to use $wpdb to delete in a custom table
  2. get_results on large datasets
  3. Is there a (better) way to access $wpdb results?
  4. Using $wpdb generates DB error
  5. How do you use prepare when asking for a list of id’s
  6. WPDB update row with != in where clause
  7. How to update records using $wpdb?
  8. Need help writing a $wpdb query
  9. show badge with count for pending items in custom post type
  10. WP Sql query multiple where clause
  11. WordPress SQL query – returning ‘true’ ‘false’ or ‘null’
  12. Modify the structure of data returned by $wpdb
  13. Syntax for $wpdb->prepare when searching in two columns
  14. Confused by $wpdb->prepare
  15. How to display user_nicename and usermeta values by custom query in WordPress?
  16. Optimizing WordPress Queries – Removing Group By ID
  17. How can I combine one field using wpdb and group by?
  18. $wpdb->prepare with ON DUPLICATE KEY UPDATE
  19. how to use $wpdb->prepare to update a custom table
  20. WPDB Placeholders and second argument for prepared statements
  21. Increment integer field in database when WHERE needs to be dynamic [closed]
  22. Custom SQL query ORDER BY term_order
  23. Custom $wpdb returns unexpected time based results
  24. How to left join meta in queries [closed]
  25. wpdb->get_row is selecting the variable as a column name
  26. CREATE TABLE with dbDelta does not create table
  27. $wpdb query outputs php code instead of executing it
  28. wpdb query not working
  29. WordPress wpdb->insert returns int(0) => doesn’t insert anything, no errors!
  30. WPDB SQL Ignore `post_status` Parameter
  31. how to list all post that are in the custom taxonomy using $wpdb
  32. WPDB SQL query SELECT from category
  33. How to use WHERE NOT EXISTS query to avoid duplicate entry using $wpdb to save in custom table?
  34. Creating an Angular factory from custom database table
  35. wpdb->update update the entire table instead of one row
  36. How do I update post based on meta_key in another table?
  37. How to set up prepared query using IN statement
  38. Custom database query to validate data
  39. Alter the main search query to search posts by coauthor user name
  40. Creates only one table and not the other
  41. Protect custom form from SQL injection
  42. looking for a way to allow users to backup the plugin db data(save as)
  43. SQL Query to select post title & post ID from a particular category
  44. Get comments after specific date
  45. query using wpdb in wordpress gets me no result
  46. Get count of rows based if column exists in two different tables
  47. query_vars doesn’t return query string (trying to get data from $wpdb)
  48. $wpdb->get_row() only returns a single row?
  49. what is the way to see the currently executing query in wordpress?
  50. $wpdb->last_error doesn’t show the query on error
  51. Multipart/formatted MySQL query problem
  52. How to make an activities stream mixing posts and comments?
  53. Delete/replace img tags in post content for auto published posts [closed]
  54. What does wp_update_post() do that the $wpdb class does not?
  55. wpdb-> not adding prefix to custom table
  56. WPDB: how to get the value of a field in a custom database table
  57. Get WooCommerce product attribute taxonomies in a SQL query on WordPress database
  58. Get random row from custom table
  59. store custom WP table names in a global variable
  60. I am not understandinhg $wpdb->prepare correctly
  61. Using WPDB class
  62. What is _transient_random_seed for?
  63. wpdb get_results() and prepare when to use prepare?
  64. Foreach loop using $wpdb not results from rows
  65. How to Instantiate wpdb Object in New File
  66. What’s the proper way to add users to my site in order to test things?
  67. Q: How to pull data from custom table to populate zustomizer setting/control select options
  68. Code only works every other time its run
  69. I can’t figure out what’s wrong with this statement. $wpdb->query update
  70. Can’t pass variable in wordpress wpdb->get_results
  71. WordPress db prepare
  72. $wpdb update query in plugin only updating one column
  73. How do I count columns on a custom WPDB query?
  74. Trouble inserting string containing quotations marks with wpdb in save_post hook
  75. How can I add a new row in a separate database when someone registers via WordPress?
  76. Clear Terms from Taxonomy for Specific Post IDs?
  77. $wpdb->insert() doesnt work anymore
  78. Where can I see MySQL hostname and port for wp-config.php
  79. Why my query does not run with prepare
  80. $wpdb->get_results not returning an array
  81. WPDB Query Question with Category Only
  82. wpdb result arrray inside an array
  83. Fetching review value using wpdb class
  84. $wpdb->num_rows doesn’t work
  85. How can I change my meta_query to SQL wpdb query?
  86. Counting Posts with multiple taxonomy and terms condition using MySQL and AJAX
  87. Database SQL query error
  88. How capturate wpdb exceptions?
  89. Limit left join
  90. Get records from Formidable Table using $wpdb->get_col
  91. What argument does my function need to echo get_results() query results
  92. Missing argument 2 for wpdb::prepare() [duplicate]
  93. Save customizer default values to DB on theme activation
  94. Plugin with connection to database – Single function
  95. wpdb->update error
  96. Wpdb generates too many queries
  97. Using $wpdb to update current post
  98. DBDelta: “table doesn’t exist” for a table that was just created
  99. Table wont load into WPDB
  100. WPDB prepare – like % – placeholders?
Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)