node sql语句占位符用法(防sql注入攻击)

1.
const mysql=require("mysql");

const db=mysql.createConnection({
  host:"localhost",
  port:3306,
  user:'root',
  password:'123456',
  database:'blog',//数据库名
  multipleStatements: true,//可执行多条sql语句
});

2.

db.query('select * from userinfo where uid =?',[1],function(err,data){
      if(err){
        rej(err)
      }else{
        ctx.response.body={...responseObj,data:data[0]}
        res()
      }
    })
 db.query('delete from userList where id=?',[id],function(err,data){
        if(err){
          rej(err)
        }else{
          console.log('删除回执',data);
          res({success:true})
        }
      })
 db.query(`INSERT INTO bibilist SET ?`,{name,link,imgurl,isShow,createTime},function(err,data){
      if(err){
        rej(err)
      }else{
        ctx.response.body={...responseObj}
        res()
      }
    })
db.query(`update bibilist SET ? where bid = ?`,[{isShow},bid],function(err,data){
      if(err){
        rej(err)
      }else{
        ctx.response.body={...responseObj}
        res()
      }
    })
2.
posted @ 2020-07-09 18:23  米牙  阅读(668)  评论(0编辑  收藏  举报