You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '+this.escapeHTML(a)+''' at line 3