4

I'm new to Node.js and I've hit a roadblock I can't figure out. I'm trying to add an array to a SQL table using an INSERT INTO query. Following the example [here][1] I see that I add a question mark as a placeholder for my values array, and the code takes care of the rest - but that doesn't seem to be working.

Here's the code:

var temp = [1,3,2];
conn2string= "INSERT INTO " + process.env.DB_TABLE + '(`0`, `1`, `2`) VALUES ? ';

let query = connection.query(conn2string, temp, function (err, result) { // this will insert in to data base  //[vals2[0]]

And the resulting SQL connection string is:

'INSERT INTO test(`0`, `1`, `2`) VALUES 1 `

What I'm expecting Is:

'INSERT INTO test(`0`, `1`, `2`) VALUES (1, 3, 2); `

Any suggestions what I'm doing wrong?

Improve this question
3
  • I suggest you to use some kind of query-builder, like knexjs.org Commented Jan 12, 2021 at 10:52
  • Which database library are you using? mysql? Commented Jan 12, 2021 at 10:54
  • yes, i'm using mySQL Commented Jan 12, 2021 at 10:58

3 Answers 3

Reset to default
3

To do this with the mysql package, you need to wrap the temp variable inside an array. Remember to add the parentheses around the ? of the VALUES.

var temp = [1, 3, 2];
conn2string =
  "INSERT INTO " + process.env.DB_TABLE + "(`0`, `1`, `2`) VALUES (?) ";

let query = connection.query(conn2string, [temp], function (err, result) {
  
});

This is because the parameter after the SQL string expects an array whose elements match each ? or ?? in the SQL string. By passing the temp array directly, you're essentially telling it that the first ? is 1, the second ? is 3, the third ? is 2. However, when you wrap the temp array in another array, you're essentially telling it that the value of the first ? is the temp array, and it formats it accordingly.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Hey, great explanation - even I could understand it! That worked well too, so thanks for your help.
0

you can make a string value from array:

let query = connection.query(conn2string, '(' + temp.join(',') + ')', function (err, result) {

or, better, use full template:

var temp = [1,3,2];
conn2string= "INSERT INTO " + process.env.DB_TABLE + '(`0`, `1`, `2`) VALUES (?, ?, ?) ';

and to pass temp[0], temp[1], etc

or not to use a template:

conn2string= "INSERT INTO " + process.env.DB_TABLE + '(`0`, `1`, `2`) VALUES (' + temp[0] + ', ' + temp[1] + ', ' + temp[2] + ')';
Improve this answer

3 Comments

Thanks for the reply. I was hoping to be able to make the single question mark replaced with an array method work. The actual query I have is many many columns long, so embedding the data one way or another is not an option. Plan B is to build a query string, but the method of just using a single question mark was too simple to ignore.
Warning: you're exposing yourself to SQL injection attacks by building the query without escaping the values or using bound parameters or a parameterized query.
of course you should care about it. I just gave options with predefined number values
0

you can try embedded the data into sql string directly using this way:

conn2string= `INSERT INTO ${process.env.DB_TABLE} (`0`, `1`, `2`) VALUES (${temp.join(',')})`;

or I think you must insert n "?" like the numbert of element in array

Improve this answer

1 Comment

Warning: you're exposing yourself to SQL injection attacks by building the query without escaping the values or using bound parameters or a parameterized query.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.