This mssql is the library I’m using for SQL Server.
To make a prepared statement you need to get PreparedStatement object and you need to do:
ps.inputps.prepareps.executeps.unprepare
Then handle errors as you go.
<code>router.get('/debtors/', async (req, res) => {
const column = req.query.column
console.log(column)
res.send("ok")
const ps = new sql.PreparedStatement(/* [pool] */)
ps.input('param', sql.VarChar(20))
ps.prepare('select @param from debtors', err => {
ps.execute({ param: column }, (err, result) => {
console.log("Result: " + result);
ps.unprepare(err => {
})
})
})
})
</code>
<code>router.get('/debtors/', async (req, res) => {
const column = req.query.column
console.log(column)
res.send("ok")
const ps = new sql.PreparedStatement(/* [pool] */)
ps.input('param', sql.VarChar(20))
ps.prepare('select @param from debtors', err => {
ps.execute({ param: column }, (err, result) => {
console.log("Result: " + result);
ps.unprepare(err => {
})
})
})
})
</code>
router.get('/debtors/', async (req, res) => {
const column = req.query.column
console.log(column)
res.send("ok")
const ps = new sql.PreparedStatement(/* [pool] */)
ps.input('param', sql.VarChar(20))
ps.prepare('select @param from debtors', err => {
ps.execute({ param: column }, (err, result) => {
console.log("Result: " + result);
ps.unprepare(err => {
})
})
})
})
This code is from the official documentation just tweaked slightly. The URL I’m sending using postman is this:
<code>localhost:8687/debtors/?column=id
</code>
<code>localhost:8687/debtors/?column=id
</code>
localhost:8687/debtors/?column=id
console.log("Result: " + result); results in an error:
Result: undefined
I’m not sure why. req.query.column does return the string ‘id’ and I’ve set it as a VarChar(20). I’ve also tried moving @param around to see if there are restrictions.
<code>select *
from debtors
where first = @param
</code>
<code>select *
from debtors
where first = @param
</code>
select *
from debtors
where first = @param
So the next thing I tried is this but result is still undefined. I’m not sure why. Any help is appreciated.
3