I’m fairly new at Postgresql and learning new things everyday. So I have this blog project where I want to use PostgreSQL as a db. But I’m kind of stuck at the most basic insert query which is throwing an error. I have three tables, posts, authors and categories. I could create the table properly I guess but when I try to insert data I get this error:
error: syntax error at or near length: 95, severity: 'ERROR', code: '42601', detail: undefined, hint: undefined, position: '122', internalPosition: undefined, internalQuery: undefined, where: undefined, schema: undefined, table: undefined, column: undefined, dataType: undefined, constraint: undefined, file: 'scan.l', line: '1180', routine: 'scanner_yyerror'Now I don’t know where the issue is and Postgres’ errors are not that specific.
Can anyone please tell me where I could be going wrong?
Here are the tables:
const createInitialTables = ` CREATE TABLE authors ( id UUID NOT NULL, author_name VARCHAR(100) NOT NULL UNIQUE CHECK (author_name <> ''), author_slug VARCHAR(100) NOT NULL UNIQUE CHECK (author_slug <> ''), PRIMARY KEY (id) ); CREATE TABLE posts ( id UUID NOT NULL, post VARCHAR(500) NOT NULL CHECK (post<> ''), post_slug VARCHAR(500) NOT NULL CHECK (post_slug <> ''), author_id UUID NOT NULL, PRIMARY KEY (id), CONSTRAINT fk_authors FOREIGN KEY(author_id) REFERENCES authors(id) ); CREATE TABLE categories ( id UUID NOT NULL, category_name VARCHAR(50) NOT NULL CHECK (category_name <> ''), category_slug VARCHAR(50) NOT NULL CHECK (category_slug <> ''), post_id UUID NOT NULL, PRIMARY KEY (id), CONSTRAINT fk_posts FOREIGN KEY(post_id) REFERENCES posts(id) );`;Here’s the async function where I’m making the insert query:
const insertAuthor = async() => { try { const data = await fs.readFile( path.join( __dirname + '../../data/data.json' ) ); const parsedData = JSON.parse( data.toString() ); const authorID = short.generate(); const authorName = parsedData[ 0 ].author; const authorSlug = slugify( parsedData[ 0 ].author, { strict: true, lower: true } ); const insertData = ` INSERT INTO authors (id, author_name, author_slug) VALUES (${authorID}, ${authorName}, ${authorSlug}); `; await pool.query( insertData ); console.log( 'Data inserted successfully!' ); } catch ( e ) { console.log( e ); }};insertAuthor();UPDATE————————————–
This is how the Postgres log file looks like:
2021-10-18 01:23:16.885 +06 [5964] ERROR: syntax error at or near "Paton" at character 1222021-10-18 01:23:16.885 +06 [5964] STATEMENT: INSERT INTO authors (id, author_name, author_slug) VALUES (an3cxZh8ZD3tdtqG4wuwPR, Alan Paton, alan-paton);Advertisement
Answer
INSERT INTO authors (id, author_name, author_slug) VALUES (an3cxZh8ZD3tdtqG4wuwPR, Alan Paton, alan-paton);Your string values are not quoted. It would have to be…
INSERT INTO authors (id, author_name, author_slug) VALUES ('an3cxZh8ZD3tdtqG4wuwPR', 'Alan Paton', 'alan-paton');You could add quotes to your query, but don’t. Your query as written is insecure and vulnerable to a SQL injection attack. Do not insert values into queries with string concatenation.
Instead, use parameters.
const insertSQL = ` INSERT INTO authors (id, author_name, author_slug) VALUES ($1, $2, $3);`;await pool.query( insertSQL, [authorID, authorName, authorSlug] );Postgres will handle the quoting for you. This is safer, more secure, and faster.
Note that an3cxZh8ZD3tdtqG4wuwPR is not a valid UUID. A UUID is a 128 bit integer often represented as a 32 character hex string.
Note that you also probably want to use autoincrementing primary keys instead of generating the ID yourself. For a UUID primary key, load the uuid-ossp package and use its UUID function as your default.
create extension "uuid-ossp";create table authors ( id uuid primary key default uuid_generate_v4(), -- There's no point in arbitrarily limiting the size of your text fields. -- They will only use as much space as they need. author_name text not null unique check (author_name <> ''), author_slug text not null unique check (author_slug <> ''));insert into authors (author_name, author_slug) values ('Alan Paton', 'alan-paton');