nodejs Mysql escaping query
const mysql = require('mysql');
const connection = mysql.createConnection({
host: 'your_host',
user: 'your_user',
password: 'your_password',
database: 'your_database'
});
connection.connect();
const userInput = "user_input_value";
const escapedInput = connection.escape(userInput);
const query = `SELECT * FROM your_table WHERE column_name = ${escapedInput}`;
connection.query(query, (error, results, fields) => {
if (error) throw error;
console.log(results);
});
connection.end();