Im using node.js mysql-simple-pool and I am trying to escape user input. Doing
pool.query('INSERT INTO table SET ?', tableData, function(err, results) {
if (err) {
console.log(err);
return;
}
console.log(results);
});
where tableData = {name: 'jon', last: 'doe'} I get [TypeError: Object #<Pool> has no method 'escape']. So is there a way around this or do I need to claim the connection to escape the values?
EDIT
I just tested claiming the connection and got the same results as mentioned above. Im lost now :D
pool.claim(function(err, connection) {
if (err) {
console.log('Claimning connection error: ' + err);
return;
}
connection.query('INSERT INTO table SET ?', tableData, function(err, results) {
if (err) {
console.log('Error inserting job to DB: ' + err);
return;
}
console.log('Insert results :' + results);
connection.end();
});
});
Well after looking at node-mysql, it supports connection pooling. I made the switch and can use .escape() to sanitize data. :D