Is dynamic SQL considered to be bad practice? if so, why is that? what are the alternatives to achieve the same effect?eg;router.get("/register", function(req, res){ var sql = "INSERT INTO user_authentication (name, age)" + "VALUES (" + req.query.name + "," + req.query.age ")"; app.con.query(sql, function (err, result) { console.log("1 record inserted"); }); });
Submitted June 23, 2017 at 05:07AM by badboyzpwns
No comments:
Post a Comment