I have this function below:
let username = req.session.username;
let timeoflogin = new Date().toLocaleString();
let device = req.headers['user-agent'];
let thequery = query;
let location = 'n/a';
var insertAnalyticsLogin = "insert into ANALYTICS (username, location, device, query, timeoflogin) VALUES ('" + username + "', '" + location + "', '" + device + "', '" + thequery + "', '" + timeoflogin + "')"
console.log(insertAnalyticsLogin);
mysqlconn.connect(function(err) {
if (err) {
console.error('Database connection failed: ' + err.stack);
return;
}
mysqlconn.query(insertAnalyticsLogin, function(err, rows) {
if (err) {
console.log(err);
} else {
console.log("successfully inserted into analytics")
res.redirect('/gen_trainerclientlist')
}
mysqlconn.end();
});
});
and inside thequery, it holds my query from the previous function. It looks something like this:
"insert into USERS
(FIRST_NAME, LAST_NAME, USERNAME, USER_ROLE, REGISTER_DATE,
PHONE_NUMBER, SUB_STATUS, ASSIGNED_TRAINER)
VALUES ('" + clientDetails.inputFirstName + "', '" +
clientDetails.inputLastName + "', '" +
clientDetails.inputUsername + "','CLIENT','" +
currentDate + "', '" + clientDetails.inputPhoneNumber +
"','INACTIVE','" + req.session.username + "')"
the error I am getting with this is :
sqlMessage: "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near
by the sounds of it, what is happening is that it is trying to insert thequery again into my database, or it doesn't like the syntax i am providing it with. So i was wondering what the best way to go about this would be. Should i force thequery to be a string, so it forces everything to just get stringified, or am i going about this wrong entierly?
