Using variables in a node.js mysql-node query

I am running a MySQL query with WHERE, and I would like to include my input prompt variable, input. How would I go about doing so? My current query is like so:

var connect = connection.query(
  'SELECT url FROM Sonic_url WHERE name=' + input, // <where I'm confused
  function(err, rows, fields) {
    // handle err / rows here
  }
);

You can just include it the way you did, but that will give you an unescaped query which is open to SQL injection. To prevent this, you can use mysql.format:

var mysql = require('mysql');
// The ? placeholder is replaced with an escaped, quoted copy of input
var sql = mysql.format("SELECT url FROM Sonic_url WHERE name=?", [input]);
var query = connection.query(sql, function(err, rows, fields) {});
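What the placeholder does to the value, as an added example that is not part of the original answer and is not the mysql module's code. `escapeValue`, `formatQuery` and `concatQuery` are hypothetical, simplified stand-ins for the string escaping `mysql.format` applies, and the input values are constructed.

```javascript
// Simplified stand-in for mysql.format's "?" handling (assumption: only
// strings, numbers, booleans and null are supported here).
const CHAR_MAP = {
  '\0': '\\0', '\b': '\\b', '\t': '\\t', '\n': '\\n', '\r': '\\r',
  '\x1a': '\\Z', '"': '\\"', "'": "\\'", '\\': '\\\\'
};

// Render one JavaScript value as a SQL literal.
function escapeValue(value) {
  if (value === null || value === undefined) return 'NULL';
  if (typeof value === 'number') {
    if (!Number.isFinite(value)) throw new TypeError('non-finite number');
    return String(value);
  }
  if (typeof value === 'boolean') return value ? 'true' : 'false';
  if (typeof value !== 'string') throw new TypeError('unsupported value type');
  // Strings are quoted, and every character that could end the literal is escaped.
  return "'" + value.replace(/[\0\b\t\n\r\x1a"'\\]/g, (c) => CHAR_MAP[c]) + "'";
}

// Substitute each "?" in one pass, so a "?" inside a value is never re-expanded.
function formatQuery(sql, values) {
  let i = 0;
  const out = sql.replace(/\?/g, () => {
    if (i >= values.length) throw new Error('more placeholders than values');
    return escapeValue(values[i++]);
  });
  if (i !== values.length) throw new Error('more values than placeholders');
  return out;
}

// The concatenation from the question: input becomes part of the SQL text.
function concatQuery(input) {
  return 'SELECT url FROM Sonic_url WHERE name=' + input;
}

const TEMPLATE = 'SELECT url FROM Sonic_url WHERE name=?';
// Constructed inputs: one that alters the WHERE clause, one ordinary name.
for (const input of ['0 OR 1=1', "O'Reilly"]) {
  console.log('concatenated:', concatQuery(input));
  console.log('formatted:   ', formatQuery(TEMPLATE, [input]));
}
```

With the real module, `connection.query(sql, [input], callback)` accepts the values array directly and performs the same substitution.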
