堆栈内存溢出
  简体   繁体   English

如何在不知道数组名称的情况下获取数组的值

[英]How do I get the value of an Array without knowing the name of the Array

 原文  2022-07-03 12:23:52       javascript/ mysql/ arrays/ javascript-objects/ bcrypt

问题描述

im currently working on a user authentication system using expressJS.我目前正在使用 expressJS 开发用户身份验证系统。 Therefore to encrypt my data I am using bcrypt.因此,为了加密我的数据,我正在使用 bcrypt。 Then I save the encrypted data to a MySQL Database.然后我将加密数据保存到 MySQL 数据库中。 Then when logging in I get the saved password using SELECT password FROM USERS WHERE email=${emailUserEntered} .然后在登录时,我使用SELECT password FROM USERS WHERE email=${emailUserEntered}获取保存的密码。 Well that works but it gives me this output:很好,但它给了我这个 output:

[
  {
    password: '$2b$10$MyvQenconTHygpwbY/1ExampleHashYju2i8Bq'
  }
]

My code:我的代码:

  let userPassword = await db.promise().query(`SELECT password FROM USERS WHERE email='${req.body.email}';`);
  const data = userPassword[0].password;
  console.log(data)


  var result = bcrypt.compareSync(req.body.password, data);
  if (result) {
    res.send('SUCCESS!');
  } else {
    res.send('WRONG!');
  }

How can only get the actual hash as a String and not the brackets and all that?如何只能将实际的 hash 作为 String 而不是括号等等?
Thanks in advance, have a nice day提前致谢,祝你有美好的一天

2 个解决方案

解决方案1
 1 已采纳  2022-07-03 13:14:31

I suspect your library's query() might be returning a [rows, fields] array.我怀疑您的图书馆的query()可能会返回一个[rows, fields]数组。
mysql2 's query() does, at least. mysql2query()至少可以。

Maybe the below?:也许是下面?:

  let [rows, fields] = await db.promise().query(`SELECT password FROM USERS WHERE email='${req.body.email}';`);
  const password = rows[0].password;
  console.log(password)

Warning : also, the above code may potentially lead to a frightful SQL injection depending on what may hide under the req.body.email .警告:另外,上面的代码可能会导致可怕的SQL 注入,具体取决于隐藏在req.body.email下的内容。 Please take a look at the Prepared Statements to mitigate this.请查看Prepared Statements以减轻这种情况。 More info: How can prepared statements protect from SQL injection attacks?更多信息: 准备好的语句如何防止 SQL 注入攻击? . .

解决方案2
 0  2022-07-03 12:29:21

I guess you are using JavaScript, so you can do something like that我猜你正在使用 JavaScript,所以你可以这样做

const {password} = JSON.parse(JSON.stringify(SQL_QUERY_RES).then(items=>items[0])

or或者

const data = JSON.parse(JSON.stringify(SQL_QUERY_RES))[0].password

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在不知道其索引的情况下删除嵌套数组? - How do I delete a nested array without knowing its index? 我如何在不知道Javascript是什么的情况下引用数组的索引? - How do I reference the index of an array without knowing what it is in Javascript? Javascript:如何在不知道键名的情况下解析json数组? - Javascript: How to parse a json array without knowing the key name? 如何在不知道每个字符串的大小的情况下从数组中的每个字符串中获取子字符串? - How can I get a substring from each string in an array, without knowing the size of each? 如何在不知道确切字符串的情况下获取数组中的特定元素 - How to get specific element within an array without knowing the exact string 如何在不知道使用JSON的javascript中特定键的情况下获取属性值 - How do I get property value without knowing it's specific key in javascript using JSON 如何在不知道其值的情况下获取 javascript 中的数组索引 - how to get index of array in javascript whihout knowing its value 如何在不知道值名的情况下从 JSON 文件中获取单个值和值名 - How to get a single value and value name from an JSON file without knowing the value name 在不知道键名的情况下从对象的JSON数组中获取键/值 - Get key/values from JSON array of objects without knowing the key name 如何在数组中的数组中获取值 - How do I get a value in an array within an array
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM