why i am getting error as ER_PARSE_ERROR: You have an error in your SQL syntax;

Question

full error is

This is my index.js ER_PARSE_ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''sada'' at line 1

const express = require('express');
const app = express();
const path = require('path');
const bodyParser = require('body-parser');
let cryptr = require('cryptr');
cryptr = new cryptr('myTotalySecretKey');
const jwt = require('jsonwebtoken');
var dir = path.join(__dirname, 'public');
app.use(express.static(dir));
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
app.use(express.static(__dirname + 'public'));
var mysql = require('mysql');
var connection = mysql.createConnection({
    host: 'localhost',
    user: 'trello',
    password: 'trello',
    database: 'trello'
});
connection.connect(function (err) {
    if (!err) {
        console.log("Database is connected");
    } else {
        console.log("Error while connecting with database");
    }
});
module.exports = connection;
app.post('/signup', (req, res) => {
    let encryptedString = cryptr.encrypt(req.body.password);
    let sql = 'insert into users(name, email, password) values ?';
    let values = [req.body.name, req.body.email, encryptedString];
    connection.query(sql, values, function (err, result) {
        if (err) throw err;
        return res.redirect('/login.html');
    });
});
app.listen(3000);

my html form

i am pretty new to nodejs so can anybody tell me why there is this error coming

Tudor Constantin · Accepted Answer

You have to add a placeholder for every value you insert:

let sql = 'insert into users(name, email, password) values (?, ?, ?)';
let values = [req.body.name, req.body.email, encryptedString];

why i am getting error as ER_PARSE_ERROR: You have an error in your SQL syntax;

Answers (1)

Related Questions