Socket.io,Node.js:如何将javascript变量从javascript.js中传递给mysql查询?
[尝试将值'222.222.222.222'的变量传递到mysql查询中,但是当将'2'的变量传递到相同的mysql查询中时出错,
任何帮助将不胜感激。
这会产生错误:
var javascriptVariable = '222.222.222.222';
$query = 'INSERT INTO misc_table (misc_field) VALUES ('+javascriptVariable+')';
connection.query($query, function(err, rows, fields) {
if(err){
console.log("An error ocurred performing the query.");
return;
}
console.log("Query succesfully executed: ", rows);
});
这不会给出错误:
var javascriptVariable = '2';
$query = 'INSERT INTO misc_table (misc_field) VALUES ('+javascriptVariable+')';
connection.query($query, function(err, rows, fields) {
if(err){
console.log("An error ocurred performing the query.");
return;
}
console.log("Query succesfully executed: ", rows);
});
从未想过以这种方式更新数据库。第一。实际上,您尝试执行下一个代码
INSERT INTO misc_table (misc_field) VALUES (222.222.222.222)
第二。这是SQL注入的直接方法
Th。尝试这样的事情
var javascriptVariable = '222.222.222.222';
let $query = 'INSERT INTO misc_table (misc_field) VALUES (?)';
connection.query(
$query,[ javascriptVariable ],
function (...args) {
....
}
);