stackoom
  简体   繁体   中英

Pass existing data after edit button was clicked to ejs from Node

 原文  2019-03-17 18:34:53       javascript/ node.js/ ejs

Question

connection.query('update customers set ? where id ='+ req.params.id, user, function(err, result) {
    if(err) {
      req.flash('error', err);

      //Since there is an error need to render back the edit page
      res.render('/customers/edit', {
         title: 'Edit Customer',
         id: req.params.id,
         name: 'select Name from customers where id='+req.params.id,
         email: 'select Email from customers where id='+req.params.id
      })
    } else {
         req.flash('success', 'Data updated successfully!');
         res.redirect('/customers');
    }
 })

edit.ejs: 

<body>
<%= console.log(id) %>
<form action="/customers/update/<%= id %>" method="post" name="form1">
<div class="form-group">
  <label for="exampleInputPassword1">Name</label>
  <input type="text" class="form-control" name="name" id="name" value="<%= name %>" placeholder="Name">
</div>
<div class="form-group">
  <label for="exampleInputEmail1">Email address</label>
  <input type="email" class="form-control" name="email" id="email" aria-describedby="emailHelp" placeholder="Enter email" value="<%= email %>">
</div>

<button type="submit" class="btn btn-info">Update</button>
</form>
</body>

I am fresh in NodeJS, I am trying to get name and email as default values from existing name and email values after clicking on edit button. If i console.log(id), it logs in the id in the console, however, name and email is undefined if i log them, I am not sure how to pass them in res.render to be able to access it in template, please suggest.

1 answers

solution1
 0  2019-03-17 23:54:14

First off, your code is vulnerable to sql injection . I can pass a query, such as '1 UNION DROP TABLE user', into the path '/customers/update/' and basically do whatever I want with your DB.

You need to assemble your query like this: 

var sql = 'UPDATE customers SET someColumn = ?, someOtherColumn = ? WHERE id = ?';

Then execute the query like this: 

var params = ['someValue', 'someOtherValue', 1];
connection.query(sql, params, function(err, result) {
if (err) { //do something

}
});

Now, on your res.render, you are trying to pass 'select Name from customers where id='+req.params.id which will set the value of name equal to the query, not the result of the query.

If you want to pass the result of the query to the template, then you will have to run an additional connection.query . It would look something like this: 

var params = ['someValue', 'someOtherValue', 1];
connection.query(sql, params, function(err, result) {
if (err) { //do something
    connection.query('SELECT name, email FROM user WHERE id = ?', [req.params.id], function(err, result) {
      if (err) { //do something
          res.render('/customers/edit', {
            title: 'Edit Customer',
            id: req.params.id,
            name: result[0],
            email: result[1]
          });
      }
    });
}
});

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Pass Data Value from MongoDB to ejs Template in Node.js How to present checkbox values in HTML (using ejs) after extracting data from mongo for User to Edit? How to pass Data from express to .ejs file while redirecting in node.js How do I take data from multiple node-request bodies and pass into an EJS file How to pass data from child to parent when button clicked in parent fetching data from findAll and pass it to ejs file How to pass data from express to ejs How to pass an object from EJS to Node.js Router - Javascript, EJS, Node.js, MySQL How to pass data to ejs file in sails & node.js? How to pass data between ejs/static page to node express app
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM