0

I'm trying to add a record to mySQL database, when I do so I get the following message:

sqlMessage: 'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near \'release) values ( \'/ge-assets/images/bottoms-webinar.png\', \'Sign Up Now!\', \'2018\' at line 1',

When I try to add it exactly the same without the 'release' column everything works fine - I am able to append the entry. So I understand something is wrong with the 'release' title, however searching around it doesn't seem like a reserved keyword (I looked in w3schools, and around SO). 

query = `insert into ${CURRENT_DB_TABLE} (image_path, button_text, release) values ( '${entry.image_path}', '${entry.button_text}', '${entry.release}')`;

return mysqlConnection.query(query).then((response) 
    console.log("appended entry :: ",entry.title);

I cannot add it without the column names (because one of my columns has to remain empty).

ddy250
  • 281
  • 2
  • 5
  • 16
  • 1
    `release` is definitely a [MySQL reserved word](https://dev.mysql.com/doc/refman/5.7/en/keywords.html#keywords-5-7-detailed-R). You need to enclose it in backticks `\`` to use it as a column name in a query – Nick Oct 15 '18 at 11:33
  • 2
    Possible duplicate of [Syntax error due to using a reserved word as a table or column name in MySQL](https://stackoverflow.com/questions/23446377/syntax-error-due-to-using-a-reserved-word-as-a-table-or-column-name-in-mysql) – Amadan Oct 15 '18 at 11:34
  • 1
    "doesn't seem like a reserved keyword (I looked in w3schools, and around SO)" - the first search should really be official docs :) Things change, keywords get added... – Amadan Oct 15 '18 at 11:35
  • Thanks for that. Something still doesn't work, I think it has to do with the fact that the whole expression is already in backticks. Or to the fact that backticks have a meaning in JS as well. – ddy250 Oct 16 '18 at 06:26
  • 1
    JavaScript template string can contain backslash-escaped backticks. However, that's another issue: [Bobby Tables](http://bobby-tables.com). Do not use template strings to fill in values into SQL expressions; use prepared statements instead. ````query = `INSERT INTO ${CURRENT_DB_TABLE} (\`image_path\`, \`button_text\`, \`release\`) VALUES (?, ?, ?)`; mysqlConnection.query(query, [entry.image_path, entry.button_text, entry.release]):```` – Amadan Oct 16 '18 at 08:14

0 Answers0