node.js - why mysql.escape will parse 'hello' to '\'hello\'' -
i escape parameter @ first , concat sql string when querying. when concat query strings using like
:
const name = mysql.escape(req.info.name) const sqlstring = `select...name '%${name}%'`
it lead select ... name '%'hello'%'
, want select ... name '%hello%'
Comments
Post a Comment