Sunday, 5 August 2018

is this safe or do I need to escape()

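I do most of my db stuff like this... is this okay or should I do escape(req.body.name)?

    const express = require('express');
    const { MongoClient } = require('mongodb');
    const router = express.Router();

    router.post('/addfolder', (req, res) => {
      let id = req.session.userid;
      if (id) {
        MongoClient.connect('mongodb://localhost:27017', { useNewUrlParser: true }, (error, client) => {
          // Stop here if the connection failed; client is not usable
          if (error) return res.sendStatus(500);
          const col = client.db('test').collection('files');
          // req.body.name and req.body.parent are stored exactly as received
          col.insertOne({ owner: id, name: req.body.name, parent: req.body.parent, file: false }, (err, result) => {
            // Close only after the insert has completed
            client.close();
            res.sendStatus(err ? 500 : 200);
          });
        });
      } else {
        // No user id in the session
        res.sendStatus(401);
      }
    });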

Submitted August 06, 2018 at 12:25AM by superfake123
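
An added example, not part of the original post: insertOne() stores a string value as data and never parses it as a query, so the practical risk in the handler above is req.body.name or req.body.parent arriving as an object or array from a JSON or extended urlencoded body parser, which a type check handles and escaping does not. The function name buildFolderDoc, the length limit and the 24-hex format for parent are assumptions made for this sketch.

```javascript
// Assumed limits for this example; tune them to the application.
const MAX_NAME_LENGTH = 255;
const OBJECT_ID_HEX = /^[0-9a-f]{24}$/i;   // assumes parent is an ObjectId hex string
const CONTROL_CHARS = /[\u0000-\u001f\u007f]/;

// Returns a document that is safe to pass to insertOne(), or null when the
// request body does not have the expected shape.
function buildFolderDoc(ownerId, body) {
  if (body === null || typeof body !== 'object') return null;
  const { name, parent } = body;

  // A body such as {"name": {"$gt": ""}} yields an object here; accept strings only.
  if (typeof name !== 'string') return null;
  const trimmed = name.trim();
  if (trimmed.length === 0 || trimmed.length > MAX_NAME_LENGTH) return null;
  if (CONTROL_CHARS.test(trimmed)) return null;

  // parent is optional: missing, null or '' means a top-level folder.
  let parentId = null;
  if (parent !== undefined && parent !== null && parent !== '') {
    if (typeof parent !== 'string' || !OBJECT_ID_HEX.test(parent)) return null;
    parentId = parent.toLowerCase();
  }

  // Build the document field by field so extra keys in the body
  // (owner, file, ...) can never override server-side values.
  return { owner: ownerId, name: trimmed, parent: parentId, file: false };
}

// Constructed sample bodies, as a body parser might deliver them.
const samples = [
  { name: ' Docs ', parent: '' },
  { name: { $gt: '' } },
  { name: 'Photos', owner: 'someone-else', file: true },
];
for (const body of samples) {
  const doc = buildFolderDoc('user-1', body);
  console.log(doc === null ? 'rejected (respond 400)' : doc);
}
```

In the route, call buildFolderDoc(id, req.body) before connecting, respond with 400 when it returns null, and pass the returned object to insertOne().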
