Error 1054 - Variable used as field in WHERE is taken as column

Question

i'm trying to update a mysql db but when i execute the query i get an error where var id (used as filed in WHERE) is used as column name. Am i reading it wrong? what i have to fix to let this work?

Console Log

var message = '';
var id = req.session.user.id;
console.log(req.session.user.id);
var post  = req.body;
var worker= post.worker;
var farmer= post.farmer;
var soldier= post.soldier;
var defender= post.defender;
         
var sql= "UPDATE stats SET worker = `"+worker+"`, farmer = `"+farmer+"`, soldier = `"+soldier+"`, defender = `"+defender+"` WHERE `stats`.`id` = `"+id+"` ";
      
db.query(sql, function(err, results){
  if(results){
    res.send('/home/dashboard.ejs')
  };
            
  if(err){console.log(err)};
 });
}

Answer 1

The immediate cause of your error is that you are trying to escape literal values using backticks instead of single quotes. The error message you see is hinting at this. But, rather than just replacing those backticks with single quotes, you should instead use a prepared statement:

var sql = "UPDATE stats SET worker = ?, farmer = ?, soldier = ?, defender = ? WHERE id = ?";
db.query(sql, [worker, farmer, soldier, defender, id], function(err, results) {
    if (results) {
        res.send('/home/dashboard.ejs')
    }

    if (err) {
        console.log(err)
    }
});

Answer 2

Try this:

var sql= "UPDATE stats SET worker = '"+worker+"', farmer = '"+farmer+"', soldier = '"+soldier+"', defender = '"+defender+"' WHERE id = "+id+" ";

I removed the back ticks from the id column name at the end (unnecessary) and properly surrounded the strings with single quote instead of back ticks. Also no need for the table name.