Complete the code to safely insert a user ID into the SQL query using parameterization.
const userId = 5; const query = "SELECT * FROM users WHERE id = [1]";
Using ? is the standard placeholder for parameterized queries in many Node.js SQL libraries like sqlite3 or mysql.
Complete the code to pass the user ID as a parameter to the query execution function.
db.query("SELECT * FROM users WHERE id = ?", [1], (err, results) => { if (err) throw err; console.log(results); });
The parameters must be passed as an array to match the placeholders in the query.
Fix the error in the code by completing the parameterized query syntax for PostgreSQL using node-postgres.
const userId = 10; const query = "SELECT * FROM users WHERE id = [1]"; client.query(query, [userId], (err, res) => { if (err) throw err; console.log(res.rows); });
? placeholder which is not supported by node-postgres.PostgreSQL with node-postgres uses numbered placeholders like $1 for parameterized queries.
Fill both blanks to safely update a user's email using parameterized query with mysql2 library.
const userId = 7; const newEmail = "user@example.com"; const query = "UPDATE users SET email = [1] WHERE id = [2]"; db.execute(query, [newEmail, userId], (err, results) => { if (err) throw err; console.log(results); });
MySQL libraries like mysql2 use ? as placeholders for all parameters in the query.
Fill all three blanks to safely select users by status and age using parameterized query with node-postgres.
const status = 'active'; const minAge = 18; const maxAge = 30; const query = `SELECT * FROM users WHERE status = [1] AND age >= [2] AND age <= [3]`; client.query(query, [status, minAge, maxAge], (err, res) => { if (err) throw err; console.log(res.rows); });
? placeholders with node-postgres.PostgreSQL uses numbered placeholders $1, $2, $3 matching the order of parameters.