p_info_query('SELECT * FROM ' + <table> + ' WHERE name = ' + user_name, password, client_connect.id, p_info, function(results) {
This seems to produce a Unknown Column ‘user_name’.
I searched online for some examples of people doing this, but I couldn’t find any. I want to query for specific things, maybe even comparing 2 values, user and password.
Any help?
// edited for p_info_query function
function p_info_query(sql, password, client_socket_id, player_info_object, callback) {
var result = mysql_client.query(sql, function (error, results, fields) {
if (error) {
console.log('ERROR IN MYSQL LOGIN CALLBACK : '+ error);
return false;
}
if (results.length > 0) {
// do stuff
callback(true);
} else {
callback(false);
}
}
});
Your problem is that you’re not quoting the
user_nameso you end up with SQL like this:where
whateveris the value ofuser_name, an unquoted value like that is parsed as an identifier (essentially a column name in that context), hence your “unknown column” error.Presumably
p_info_queryis something of your own as it isn’t part of node-mysql. You should modify it to use placeholders so that it can do things like this internally:Note the
?in the SQL and the[user_name]array.Now that we know what
p_info_querylooks like, we can fix that too; you should update it look more like this:Then you can say this:
to use a placeholder.