I'm trying to check if email already exists and i'm sending daniyal@gmail.com in email parameter but getting error column "daniyal" does not exist.
ctx.app.pool.query("SELECT * FROM users WHERE email = " + ctx.request.body.email, (err, result) => {
if (err) {
ctx.body = {
status: 500,
message: 'Something went wrong'
};
console.log('Query Error: ', err);
throw err
} else {
ctx.body = {
exceptions: "",
status: 200,
error: false,
message: "user already exists with this email",
};
}
});
Your immediate issue is that you are missing single quotes around the value that you are passing (hence, Postgres considers it a column name).
But for this, you do want to use a parameterized query, for both security and efficiency
ctx.app.pool.query(
"SELECT * FROM users WHERE email = ?",
[ctx.request.body.email],
function(err, result) => {
if (err) {
ctx.body = {
status: 500,
message: 'Something went wrong'
};
console.log('Query Error: ', err);
throw err
} else {
ctx.body = {
exceptions: "",
status: 200,
error: false,
message: "user already exists with this email",
};
}
}
);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.