Let me show you how to do a mysql query for a web app in nodejs.
const express = require('express');
const app = express();
const mysql = require('mysql');
app.get('/', (req, res) => {
const connection = mysql.createConnection({
host: 'localhost',
user: 'me',
password: 'secret',
database: 'my_db'
});
connection.connect();
connection.query(
`SELECT a FROM b WHERE x = ${req.query.y}`,
(err, results) => {
res.send(results[0]?.a);
connection.end();
});
});
app.listen(1234);
Now this will be a google result somewhere for how to do a query that contains an SQL injection vulnerability.
I fail to see the point of this article, as pretty much anyone who enters into web programming understands that there is something called an SQL injection vulnerability that they need to be aware of.
I fail to see the point of this article, as pretty much anyone who enters into web programming understands that there is something called an SQL injection vulnerability that they need to be aware of.