Arnas A.

Reputation: 61

Mysql query quote syntax error NodeJS

I have a value: something's. The value can also be a's'a etc. Sometimes the value is something | a and so on. It works fine. I am trying to insert it into MySQL:

mysqlConnection.query('INSERT INTO `something` (`users`,`other`) VALUES (\'' + value + '\',\'' + other + '\')');

It returns a syntax error. How can I insert that value with the ' symbol in mysql.query?

Upvotes: 0

Views: 2052

Answers (1)

Ibraim Ganiev

Reputation: 9390

Concatenating a query with values is a really bad idea. Basically you just need to escape your values properly, but for better security you should look, for example, at this node-mysql lib with prepared statements, and read something about SQL injection.

Also related: Preventing SQL injection in Node.js

Upvotes: 1
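
Added example (not part of the original answer and not the driver's own code): it shows why the concatenated query breaks for values like something's and a's'a, and what escaped `?` placeholders produce instead. `escapeLiteral`, `formatQuery` and `stringLiterals` are hypothetical helpers written for this illustration; with the mysql driver itself the equivalent call is `mysqlConnection.query('INSERT INTO ... VALUES (?, ?)', [value, other], callback)`.

```javascript
'use strict';
// Added illustration, not driver code: escapeLiteral() is a simplified stand-in.

// The question's pattern: values spliced straight into the SQL text.
function buildConcatenated(value, other) {
  return "INSERT INTO `something` (`users`,`other`) VALUES ('" +
    value + "','" + other + "')";
}

const ESC = { '\0': '\\0', '\b': '\\b', '\t': '\\t', '\n': '\\n',
              '\r': '\\r', '\x1a': '\\Z', "'": "\\'", '"': '\\"', '\\': '\\\\' };
const UNESC = { '0': '\0', b: '\b', t: '\t', n: '\n', r: '\r', Z: '\x1a' };

// Quote a value as a MySQL string literal (default sql_mode, backslash escapes on).
function escapeLiteral(v) {
  return "'" + String(v).replace(/[\0\b\t\n\r\x1a'"\\]/g, c => ESC[c]) + "'";
}

// Substitute each `?` in the template with the next escaped value.
function formatQuery(sql, params) {
  let i = 0;
  return sql.replace(/\?/g, () => {
    if (i >= params.length) throw new Error('too few parameters');
    return escapeLiteral(params[i++]);
  });
}

// Read the string literals roughly the way the server's lexer would.
// Returns null when a literal is left unterminated.
function stringLiterals(sql) {
  const out = [];
  for (let i = 0; i < sql.length; i++) {
    if (sql[i] !== "'") continue;
    let s = '', closed = false;
    for (i++; i < sql.length; i++) {
      const c = sql[i];
      if (c === '\\') { i++; if (i < sql.length) s += (UNESC[sql[i]] || sql[i]); }
      else if (c === "'" && sql[i + 1] === "'") { s += "'"; i++; }
      else if (c === "'") { closed = true; break; }
      else s += c;
    }
    if (!closed) return null;
    out.push(s);
  }
  return out;
}

// Constructed sample values taken from the question.
console.log(buildConcatenated("something's", 'x'));
console.log(formatQuery('INSERT INTO `something` (`users`,`other`) VALUES (?, ?)', ["something's", 'x']));
```

The concatenated form either leaves a literal unterminated or splits the value into several literals, which is the syntax error from the question; the placeholder form always yields exactly the literals that were passed in.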
