Please advise: node.js express mysql reports an error when storing the content of an article (html code).

**Environment: node.js express mysql**
Question:
When mysql inserts article data, there is an error storing the details of the article, as follows:
You have an error in your SQL syntax; Check the manual that corresponds to your MySQL server version for the right syntax to use near" http://example.com/movies.json")
Plain text content is fine, but when there is a "code snippet" it seems to report an error.
(Do I have to translate it? I am looking for a method; I have only just come into contact with node.js.)
The statement reads:

var sql = `insert into article_list
          (title,author,summary,is_top,catalog_alias,content)
           values
            ("${req.body.title}",
            "${req.body.author}",
            "${req.body.summary}",
            "${req.body.is_top}",
            "${req.body.catalog_alias}",
            "${req.body.content}")`;

as shown in the figure:


Do not concatenate strings directly. If your content includes symbols such as ' -- [ ] etc., it may report an error.
For example, if you originally wanted to query select * from table where name = '${var1}'; and your variable var1 is Mr.W'O, then after concatenation your statement becomes select * from table where name = 'Mr.W'O'; . There are three ' in the statement, so of course a syntax error is reported. Reporting an error is still a small matter; it is troublesome if it is used by hackers to inject SQL.
It is recommended that you use node's mysql or mysql2 module to encode variables, which may be written this way:

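var sql = `insert into article_list
          (title,author,summary,is_top,catalog_alias,content)
           values
            (?,?,?,?,?,?)`;
// One value per ? placeholder, in column order; the driver escapes each value.
let result = mysql.query(sql, [req.body.title, req.body.author, req.body.summary,
                               req.body.is_top, req.body.catalog_alias, req.body.content]);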
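
An added example, not part of the original answer: it builds the parameterized insert for article_list, checks that every ? has a value before the query is sent, and shows how the concatenated form breaks on HTML content containing double quotes. The helper names (concatInsert, buildInsert, placeholdersMatch) and the sample request body are constructed for illustration.

```javascript
// Columns of article_list, taken from the statement in the question.
const COLUMNS = ['title', 'author', 'summary', 'is_top', 'catalog_alias', 'content'];

// The question's approach: values are pasted into the SQL text.
// Kept here only to show where it breaks; do not use it.
function concatInsert(body) {
  const values = COLUMNS.map((c) => `"${body[c]}"`).join(',');
  return `insert into article_list (${COLUMNS.join(',')}) values (${values})`;
}

// Parameterized form: the SQL text is fixed and the data travels separately.
// buildInsert is a hypothetical helper name, not part of mysql or mysql2.
function buildInsert(body) {
  const missing = COLUMNS.filter((c) => body[c] === undefined);
  if (missing.length > 0) {
    throw new Error(`missing fields: ${missing.join(', ')}`);
  }
  const marks = COLUMNS.map(() => '?').join(',');
  const sql = `insert into article_list (${COLUMNS.join(',')}) values (${marks})`;
  const params = COLUMNS.map((c) => body[c]);
  return { sql, params };
}

// True when every ? in the statement has exactly one value to bind.
function placeholdersMatch(sql, params) {
  return (sql.match(/\?/g) || []).length === params.length;
}

// Constructed request body; content holds HTML with double quotes,
// like the snippet that triggered the error in the question.
const sampleBody = {
  title: 'Fetch demo',
  author: 'demo',
  summary: 'How to call fetch',
  is_top: 0,
  catalog_alias: 'js',
  content: '<pre>fetch("http://example.com/movies.json")</pre>',
};

const broken = concatInsert(sampleBody);
// Six values should contribute exactly 12 double quotes; any extra ones
// came from the data and end a string literal early.
const strayQuotes = (broken.match(/"/g) || []).length - 2 * COLUMNS.length;

const { sql, params } = buildInsert(sampleBody);
console.log({ strayQuotes, sql, ok: placeholdersMatch(sql, params) });
// With a real connection: connection.query(sql, params, callback);
```

Running placeholdersMatch before sending the query catches a value array that is shorter than the placeholder list.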