I am using the mysql module with my Node.js/Express application.

When I query MySQL for data it doesn't have, it shows errors. That's what I'm expecting. But if I use connection.escape() on the data passing through, even though there's supposed to be an error, it acts like nothing happened and continues down the code. Why?

Below is the code I have. Remember I am passing in data that doesn't exist. I am expecting the error, I want it to happen.

Below does what I expect. The id I passed via POST is not in the database, thus console logging: ERROR

app.post('/check', function(req, res) {
    connection.query('SELECT * FROM category where id="' + req.body.id + '"', function(err, rows, fields) {
        if (err) {
            console.log('ERROR');
        } else {
            console.log('SUCCESS');
        }
    });
});

Below I have added the connection.escape() feature. Now when it runs, even though the data is not in the database it console logs SUCCESS.

app.post('/check', function(req, res) {
    connection.query('SELECT * FROM category where id=' + connection.escape(req.body.id) + '', function(err, rows, fields) {
        if (err) {
            console.log('ERROR');
        } else {
            console.log('SUCCESS');
        }
    });
});

Why is this happening?

This is the error I get when I run the first example of code. In the 2nd example I don't get any errors until I reach an empty property that is related to the query. Since there were no results and I couldn't stop the application when the error is supposed to occur

[Error: ER_BAD_FIELD_ERROR: Unknown column 'fsaf' in 'where clause']
 code: 'ER_BAD_FIELD_ERROR',
 errno: 1054,
 sqlState: '42S22',
 index: 0 }

1 Answer

Because there is no error: your query is valid and finished successfully. You received an empty result set, and this is expected and valid behaviour.

In your first example the result of string concatenation is probably invalid SQL; please post the error you have.

1 Comment

You are right about the concatenation being invalid. I fixed it. It was only an error here; I had it correct in my application. I posted the error I get when I expect it. I get no errors when I use escape().
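An added example, not part of the original question or answer: one way to tell "query failed" apart from "query succeeded but matched nothing" in the mysql module's `(err, rows, fields)` callback, using its `?` placeholder form so the value is always sent as an escaped literal. The names `checkCategory`, `fakeConnection` and `runDemo`, and the sample table, are constructed for illustration; the stub only mimics the callback shape so the code runs without a database.

```javascript
// Added example: classify the three outcomes of a lookup made through the
// mysql module's (err, rows, fields) callback. `connection` is any object
// exposing query(sql, values, callback) the way the mysql module does.
function checkCategory(connection, id, done) {
  // The ? placeholder makes the driver escape `id` as a value, so it reaches
  // MySQL as a literal and is never parsed as a column name.
  connection.query('SELECT * FROM category WHERE id = ?', [id], function (err, rows) {
    if (err) {
      // Only real failures land here: invalid SQL, lost connection, permissions.
      return done('ERROR');
    }
    if (rows.length === 0) {
      // Valid query with no matching row: err is null and rows is an empty array.
      return done('NOT_FOUND');
    }
    done('FOUND');
  });
}

// Constructed stand-in for a connection (assumption, not the mysql module).
// It filters an in-memory table, or reports the error it was given.
function fakeConnection(table, failWith) {
  return {
    query: function (sql, values, callback) {
      if (failWith) return callback(failWith);
      const rows = table.filter(function (row) {
        return String(row.id) === String(values[0]);
      });
      callback(null, rows, []);
    }
  };
}

function runDemo() {
  const table = [{ id: 1, name: 'books' }]; // constructed sample data
  const outcomes = [];
  const record = function (outcome) { outcomes.push(outcome); };
  checkCategory(fakeConnection(table), '1', record);     // row exists
  checkCategory(fakeConnection(table), 'fsaf', record);  // valid query, no row
  checkCategory(fakeConnection(table, new Error('ER_BAD_FIELD_ERROR')), '1', record);
  return outcomes;
}

console.log(runDemo());
```

In an Express handler, the `NOT_FOUND` branch is where the request should stop (for example with a 404) instead of waiting for `err` to be set.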
