0

Please, I am very new to Node.js and the Express.js framework. I am developing a web application and I am stuck. I have set up all my database requirements and all is working just fine. Now I want to save some data into the database, and I have the data stored in a variable, but unfortunately the data stored in the variable (MyID) is not saved. This is my code:

var MyID;

app.post("/addContact", function(req, res){

    var postData = {
       // MyID: req.body.txtemplyeeID************Get employee ID as a foreign Key and Insert it,
        EmployeeID:req.body.txtemployeeID,
        FatherName:req.body.txtfathersName,
        MotherName:req.body.txtMothersName,
        NameOfSpouse:req.body.txtSpouseName,
        SpouseAddress:req.body.txtSpouseAddress,
        ParentsAddress:req.body.txtParentsAddress,
        EmployeeAddress:req.body.txtEmployeeAddress

    };
    connection.connect();
    connection.query('SELECT MyID from employees where EmployeeID='+"'"+ postData.EmployeeID +"'" +'', function(err, rows, fields) {

        if (err) throw err;

        for (var i in rows)
        {
            var results = rows[i];
            MyID=results.MyID;
            console.log(MyID);

        }

    })

        connection.query('INSERT INTO EmployeeContacts(MyID,FatherName,MotherName,NameOfSpouse,SpouseAddress,ParentsAddress,EmployeeAddress) VALUES ('+"'"+ MyID +"'"+','+"'"+ postData.FatherName +"'" +','+"'"+ postData.MotherName +"'" +','+"'"+ postData.NameOfSpouse +"'" +','+"'"+ postData.SpouseAddress +"'" +','+"'"+ postData.ParentsAddress +"'" +','+"'"+ postData.EmployeeAddress +"'" +');',
        function(err,results){
            if(err)console.log(err);
            else
            console.log("Success");
            connection.end() ;
            res.redirect("/addContact");

        });

});


4
  • You have a SQL injection vulnerability. Commented Jan 1, 2014 at 18:06
  • 1
    Your second query runs before the first one finishes Commented Jan 1, 2014 at 18:07
  • Take a step back and make sure your database connection itself works before getting into dynamic queries. Then log the response from your connection. Is it erroring? What does it say? Commented Jan 1, 2014 at 18:35
  • My database connection is working fine, and when I replace the variable MyID with just raw data, e.g. 2, it saves, but when I store the 2 in MyID it doesn't save. I think SLaks is right, but I don't really know how to fix this. Commented Jan 1, 2014 at 18:50

1 Answer

1

Since you have a properly formed object, you should use:

// "SET ?" lets the driver escape every value in postData
connection.query('INSERT INTO EmployeeContacts SET ?', postData, function(err, results) {
  if (err) {
    console.error(err);
  } else {
    res.redirect('/addContact');
  }
});

This is safer and cleaner. Also, I don't think you must end the connection explicitly after the query is treated.

And to keep your second query from executing before the first ends, just split those into two functions and pass the MyId as a callback for the insertion with the object you created with the post data.
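The two points raised above (placeholders instead of string concatenation, and running the INSERT only after the SELECT has returned), as an added example that is not part of the original question or answer. `makeFakeConnection`, `buildContactRow` and `addContact` are hypothetical names, and the fake connection is a constructed stand-in for a mysql `connection` object so the block runs without a database.

```javascript
// Constructed stand-in for a mysql connection: records each call and answers
// asynchronously, like the real driver. Not part of the mysql module.
function makeFakeConnection(employeeRows) {
  const calls = [];
  return {
    calls,
    query(sql, values, cb) {
      calls.push({ sql, values });
      const result = sql.startsWith('SELECT') ? employeeRows : { affectedRows: 1 };
      setImmediate(() => cb(null, result));
    },
  };
}

// Build the EmployeeContacts row from the form fields plus the looked-up key.
function buildContactRow(myId, body) {
  return {
    MyID: myId,
    FatherName: body.txtfathersName,
    MotherName: body.txtMothersName,
    NameOfSpouse: body.txtSpouseName,
    SpouseAddress: body.txtSpouseAddress,
    ParentsAddress: body.txtParentsAddress,
    EmployeeAddress: body.txtEmployeeAddress,
  };
}

// Look up MyID first; issue the INSERT only inside that query's callback.
function addContact(connection, body, done) {
  connection.query(
    'SELECT MyID FROM employees WHERE EmployeeID = ?',
    [body.txtemployeeID],
    function (err, rows) {
      if (err) return done(err);
      if (rows.length === 0) return done(new Error('Unknown EmployeeID'));
      const row = buildContactRow(rows[0].MyID, body);
      connection.query('INSERT INTO EmployeeContacts SET ?', row, function (err2) {
        done(err2 || null, row);
      });
    }
  );
}

// Constructed form input; the quote in O'Neil stays data, never SQL text.
const sampleBody = { txtemployeeID: 'E-7', txtfathersName: "O'Neil" };
const conn = makeFakeConnection([{ MyID: 2 }]);
addContact(conn, sampleBody, (err, row) => console.log(err, row, conn.calls[0].sql));
```

In the route handler, the same function would be called with the real connection and `req.body`, with `res.redirect` placed inside the `done` callback.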
