I am running a MySQL query with WHERE, and I would like to include my input prompt variable, input. How would I go about doing so? My current query is like so:

var connect = connection.query('SELECT url FROM Sonic_url WHERE name='
  + input // <where I'm confused
  , function(err, rows, fields) {
});

asked Feb 7, 2016 at 16:52 by alex tix

1 Answer

You can just include it the way you did, but that will give you an unescaped query which is open to SQL injection. To prevent this, you can use mysql.format:

var mysql = require('mysql');
// The ? placeholder is replaced with the escaped value of input
var sql = mysql.format("SELECT url FROM Sonic_url WHERE name=?", [input]);
var query = connection.query(sql, function(err, rows, fields) {});
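
The same lookup as an added example, not code from the answer or from the mysql package: it passes the value through the package's `connection.query(sql, values, callback)` form and accepts only strings, because placeholders are escaped according to the value's JavaScript type. `lookupUrl`, `makeFakeConnection`, `demo` and the sample rows are hypothetical names and constructed data so the block runs without a database.

```javascript
'use strict';

// The query text is a constant; the only variable part travels in the values array.
const LOOKUP_SQL = 'SELECT url FROM Sonic_url WHERE name = ?';

// Hypothetical helper. `connection` is anything exposing the mysql package's
// query(sql, values, callback) signature.
function lookupUrl(connection, input, callback) {
  // Arrays and objects given to a placeholder expand into more than one SQL
  // token, so anything that is not a plain string is rejected up front.
  if (typeof input !== 'string' || input.length === 0) {
    return callback(new TypeError('name must be a non-empty string'));
  }
  connection.query(LOOKUP_SQL, [input], function (err, rows) {
    if (err) return callback(err);
    callback(null, rows.map(function (row) { return row.url; }));
  });
}

// Constructed stand-in for a live connection: records each call and matches
// the bound value against an in-memory table, as a bound parameter would.
function makeFakeConnection(table) {
  const calls = [];
  return {
    calls,
    query(sql, values, cb) {
      calls.push({ sql, values });
      cb(null, table.filter((r) => r.name === values[0]).map((r) => ({ url: r.url })));
    },
  };
}

function demo() {
  const conn = makeFakeConnection([
    { name: 'green hill', url: 'http://example.test/green-hill' }, // constructed row
  ]);
  const results = [];
  // Constructed inputs: a normal name, a name carrying quotes, a non-string.
  for (const input of ['green hill', "x' OR '1'='1", { name: 'x' }]) {
    lookupUrl(conn, input, (err, urls) => results.push(err ? err.name : urls));
  }
  return { results, calls: conn.calls };
}
```

The quoted input reaches the driver as a single value in the values array and matches no row, while the object never reaches the driver at all.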

Tags: javascript; Using variables in a nodejs mysqlnode query; Stack Overflow