0

I have a large JSON object which i am reading from a file as text, parsing it as JSON and storing in my mysql database in blob data type. when i do SELECT * FROM *table* in mysql console i see [object Object] in the table and uploading JSON as a string give an error.

ER_PARSE_ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1000GenomeFreq": "", "dbsnpFreq": "",
"labValidationInfo": null, "yesFrequ' at line 1

How do i upload JSON to a MySQL database using node.js?

var id=0;
var json={};
var name,des;
io.on('connection', function(socket){
  socket.on('username', function(un){
    console.log("Username: "+un);
    var l=un.length;
    console.log(l);
    json=JSON.parse(un);
    name=json.label.name;
    des=json.label.description;
    console.log(name);
    switch(name){
      case 'VUS_I':id=3;
      break;    
      case 'VUS_II':id=4;
      break;
      case 'VUS_III':id=5;
      break;
      case 'VUS_IV':id=6;
      break;
    }   
    connection.query('insert into variant_card(data,effectID)values("'+json+'",'+id+')', function(err,result) {
      if(err) {
        console.log('adsfdas'+err);
        socket.emit('wru');
      } else {
        if(result==false){
          console.log("Error uploading file");
          socket.emit('wru');
        } else {
          console.log("File uploaded into database");
          socket.emit('done');
        }
      }
    });
    //socket.emit('pwd');
  });
});

part of a JSON file is

{
  "1000GenomeFreq":"",
  "dbsnpFreq":"",
  "labValidationInfo":null,
  "yesFrequency":1,
  "functionallyValidated":false,
  "mutationType":"changeThis",
  "conservationScores":null,
  "isDominantSegregating":true,
  "literatureKbCount":0,
  "exomeServerFreq":"",
  "rsID":"",
  "notations":[{
    "nmTranscripts":["NM_033507"],
    ...
Improve this question

1 Answer 1

Reset to default
2

That is exactly why you should never concatenate values directly into your query (SQL injection attacks).

What you should be doing instead is using placeholders:

connection.query('insert into variant_card set ?',
                 { data: JSON.stringify(json), effectID: id },
                 function(err,result) {
  // ...
});
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

see my edit. you need to stringify it since it's no longer JSON.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.