'Why am I getting this MySQL error with node?

I have connected to the database on MySQL, and was able to input data to a table. However, I am not able to input data to another table when it seems that I'm using the exact same method to achieve the input. Below is the code that works:

const mysql = require('mysql');
const connectionPool = mysql.createPool({
    connectionLimit: 1,
    host: "localhost",
    user: "dg",
    password: "123456",
    database: "legends_database",
    debug: false
});
exports.addUser = (Username, Email, Password, response) => {
    //Build query
    let sql = "INSERT INTO user (Username, Email, Password) " +
    "       VALUES ('" + Username + "','" + Email + "'," + Password +")";
    
    //Execute query
    connectionPool.query(sql, (err, result) => {
        if (err){//Check for errors
            let errMsg = "{Error: " + err + "}";
            console.error(errMsg);
            response.status(400).json(errMsg);
        }
        else{//Send back result
            response.send("{result: 'User added successfully'}");
        }
    });
}

I have copied this code and made changes and below is the code that gives me an error.

const mysql = require('mysql');
const connectionPool = mysql.createPool({
    connectionLimit: 1,
    host: "localhost",
    user: "dg",
    password: "123456",
    database: "legends_database",
    debug: false
});
exports.addPost = (Question_Title, Answer_Paragraph, response) => {
    //Build query
    let sql = "INSERT INTO answer (Question_Title, Answer_Paragraph) " +
    "       VALUES ('" + Question_Title + "','" + Answer_Paragraph  +")";
    
    //Execute query
    connectionPool.query(sql, (err, result) => {
        if (err){//Check for errors
            let errMsg = "{Error: " + err + "}";
            console.error(errMsg);
            response.status(400).json(errMsg);
        }
        else{//Send back result
            response.send("{result: 'Post added successfully'}");
        }
    });
}

This is the error I'm getting:

Data received: {"Question_Title":"Test_Question","Answer_Paragraph":"Test_Answer"}
{Error: Error: ER_PARSE_ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''Test_Answer)' at line 1}
javascriptmysqlnode.js


Solution 1:[1]

At first writing queries like this is SQL injection prone, so get rid of this. But if you're using for educational/self-use purposes only - here's my point: I see odd number of single quotes so it seems like the error comes from there(The error message just says that you have a syntax error). So try to write your query like this:

let sql = `INSERT INTO answer (Question_Title, Answer_Paragraph) VALUES ("${Question_Title}","${Answer_Paragraph}");

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 David Gabrielyan

Related Questions

React Router with optional path parameter

How to dynamically update google recaptcha sitekey?

How to dynamically update google recaptcha sitekey?

Remove duplicate in a string - javascript

Remove duplicate in a string - javascript

Searching a string for missing letters of the alphabet in javascript

Searching a string for missing letters of the alphabet in javascript

Searching a string for missing letters of the alphabet in javascript

Find an element in DOM based on an attribute value

Redirecting html page with javascript

Find an element in DOM based on an attribute value

Find an element in DOM based on an attribute value

Redirecting html page with javascript

How to find x and y coordinates of a button while using keyboard navigation?

How to find x and y coordinates of a button while using keyboard navigation?