节点MySQL转义LIKE语句 [英] Node MySQL escape LIKE statement
本文介绍了节点MySQL转义LIKE语句的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
如何在node-mysql中转义MySQL LIKE语句?
How do escape a MySQL LIKE statement in node-mysql?
"SELECT * FROM card WHERE name LIKE '%" + connection.escape(req.body.search) + "%'"
结果
'SELECT * FROM card WHERE name LIKE \'%\'hello\'%\''
这是语法错误。如果我使用替代语法
Which is a syntax error. If I use the alternative syntax of
connection.query("SELECT * FROM card WHERE name LIKE '%?%'", req.body.search, function () {});
导致类似的语法错误。我也试过了
Results in a similar syntax error. I've also tried
connection.query("SELECT * FROM card WHERE name LIKE ?", '%' + req.body.search + '%', function () {});
最终逃脱'%'符号。
推荐答案
不确定为什么它会在你的上一个例子中转义%
,因为这对我来说很好:
Not sure why it's escaping the %
in your last example, because that works fine for me:
// lifted from my code:
var value = 'ee20e966289cd7';
connection.query('SELECT * from django_session where session_key like ?', '%' + value + '%', ...)
// Result:
[ { session_key: '713ee20e966289cd71b936084a1e613e', ... } ]
当我打开驱动程序中的调试时(传递 debug:true
作为 mysql.createConnection
的参数,它不会转义百分号:
When I turn on debugging in the driver (pass debug:true
as argument to mysql.createConnection
), it doesn't escape the percent sign:
{ command: 3,
sql: 'SELECT * from django_session where session_key like \'%ee20e966289cd7%\'' }
( 逃避单引号,但这是出于显示目的只有)
(it does escape the single quote, but that's for display purposes only)
(使用 mysql@2.0.0-alpha8
)
这篇关于节点MySQL转义LIKE语句的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文