SQL INSERT WEIRD SYNTAX ERROR MYSQL FROM PHP

Question

i need help to figure what is wrong with my code. i have this code like this

<?php 

include('./config/db.php');

if(isset($_POST['btnSubmit'])){

$p1 = mysqli_real_escape_string($db,$_POST['txtp1']);
$p2 = mysqli_real_escape_string($db,$_POST['txtp2']);
$p3 = mysqli_real_escape_string($db,$_POST['txtp3']);
$p4 = mysqli_real_escape_string($db,$_POST['txtp4']);
$p5 = mysqli_real_escape_string($db,$_POST['txtp5']);
$p6 = mysqli_real_escape_string($db,$_POST['txtp6']);
$p7 = mysqli_real_escape_string($db,$_POST['txtp7']);
$p8 = mysqli_real_escape_string($db,$_POST['txtp8']);
$p9 = mysqli_real_escape_string($db,$_POST['txtp9']);
$p10 = mysqli_real_escape_string($db,$_POST['txtp10']);
$p11 = mysqli_real_escape_string($db,$_POST['txtp11']);
$p12 = mysqli_real_escape_string($db,$_POST['txtp12']);
$p13 = mysqli_real_escape_string($db,$_POST['txtp13']);
$p14 = mysqli_real_escape_string($db,$_POST['txtp14']);
$p15 = mysqli_real_escape_string($db,$_POST['txtp15']);
$p16 = mysqli_real_escape_string($db,$_POST['txtp16']);
$p17 = mysqli_real_escape_string($db,$_POST['txtp17']);
$p18 = mysqli_real_escape_string($db,$_POST['txtp18']);
$p19 = mysqli_real_escape_string($db,$_POST['txtp19']);
$p20 = mysqli_real_escape_string($db,$_POST['txtp20']);
$p21 = mysqli_real_escape_string($db,$_POST['txtp21']);
$p22 = mysqli_real_escape_string($db,$_POST['txtp22']);

$sql = 
"
START TRANSACTION;
INSERT INTO `kualitas_produk`(`responden`,`p1`,`p2`,`p3`,`p4`,`p5`,`p6`,`p7`,`p8`,`p9`) VALUES ('','$p1','$p2','$p3','$p4','$p5','$p6','$p7','$p8','$p9');
SELECT LAST_INSERT_ID() INTO @LASTID;
INSERT INTO `harga_produk`(`responden`,`p10`,`p11`,`p12`) VALUES (@LASTID,'$p10','$p11','$p12');
INSERT INTO `keputusan_pembelian`(`responden`,`p13`,`p14`,`p15`,`p16`,`p17`,`p18`,`p19`,`p20`,`p21`,`p22`) VALUES (@LASTID, '$p13','$p14','$p15', '$p16','$p17','$p18', '$p19','$p20','$p21', '$p22');
INSERT INTO `recap`(`responden`,`kualitas`,`harga`,`keputusan`) VALUES ('',@LASTID,@LASTID,@LASTID);
COMMIT;
";

at this point, i got this error

Error: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'INSERT INTO kualitas_produk ( responden , p1 , p2 , p3 , p4 , p5 , p6 , p7 ,`p8' at line 2

here how i execute the query

mysqli_query($db,$sql) or die("Error: ".mysqli_error($db));
echo "Data Berhasil Ditambahkan";
mysqli_close($db);

i already tried to return the $sql variabel for the error, and then copy paste it manually on phpmyadmin, and the code has no error at all..

can someone figure where the problem is? any help will be appreciated

SOLVED BY M.KHALID READ THE COMMENT BELLOW. THANK YOU GUYS

Answer 1

You cannot send more than one SQL statement at a time to mysqli_query .

multi_query is a security hole; you would be better off using mysqli_query for each statement. And it lets you check for errors better.