How to write mysql query in node.js?

Insert Query

Insert Multiple Records

Inserted ID

Insert Query

Select Query

where clause :-

where clause :-

Wildcard Characters

select the records that starts, includes, or ends with a given letter. Use the '%' wildcard to represent zero, one or multiple characters:

Select data where the name starts with the letter 'S':

Escaping Query Values

When query values are variables provided by the user, you should escape the values.

This is to prevent SQL injections, which is a common web hacking technique to destroy or misuse your database.

use a ? as a placeholder for the values

Multiple values use array.

Node.js MySQL Order By :- Sort the Result

Use the ORDER BY statement to sort the result in ascending or descending order.

The ORDER BY keyword sorts the result ascending by default.

asc

desc

order by desc :

Node.js MySQL Delete

Node.js MySQL Update

update existing records in a table by using the "UPDATE" statement

MySQL Limit

limit the number of records returned from the query, by using the "LIMIT"

Limit offset :

Start from position 3, and return the next 5 records:

Note: "OFFSET 2", means starting from the third position, not the second!

SQL statement like this "LIMIT 2, 5" which returns the same as the offset example

MySQL Join

You can combine rows from two or more tables, based on a related column between them, by using a JOIN statement.

Left Join

If you want to return all users, no matter if they have a favorite product or not, use the LEFT JOIN statement:

Right Join

If you want to return all products, and the users who have them as their favorite, even if no user have them as their favorite, use the RIGHT JOIN statement:

Inner Join

Like

like query

IN clause in mysql nodejs

IN clause :

between

count

Group by

Having

Node.js - how to prevent SQL injection

SQL injection is a very serious problem for web developers. It involves entering a SQL subquery in place of the main query value, which may then be incorrectly processed by the database.

3 ways to defend against SQL injection Attack:

escape() method

placeholders

named-placeholders - external npm package

Placeholders

In this case, we create a query that has question marks in the places where we want to insert something. values in the array are inserted in the order in which they were passed.

Note: ? is for ordinary values, ?? is used for column and table names.

Distinct

Node.js - MySQL Inner Join

Stored Procedures

a stored procedure is prepared SQL code that you can save to a database, so that it can easily be reused.

A stored routine is a set of SQL statements that can be stored in the server.

Delimiter (Creating a Stored Procedure)

The delimiter is the character or string of characters that you'll use to tell the mySQL client that you've finished typing in an SQL statement. For ages, the delimiter has always been a semicolon. in a stored procedure, one can have many statements, and each must end with a semicolon. In this tutorial I will use “//”

The first part of the statement creates the procedure. The next clauses defines the optional characteristics of the procedure. Then you have the name and finally the body or routine code. Stored procedure names are case insensitive, and you cannot create procedures with the same name.

The four characteristics of a procedure are: Language : For portability purposes; the default value is SQL. Deterministic : If the procedure always returns the same results, given the same input. This is for replication and logging purposes. The default value is NOT DETERMINISTIC. SQL Security : At call time, check privileges of the user. INVOKER is the user who calls the procedure. DEFINER is the creator of the procedure. The default value is DEFINER. Comment : For documentation purposes; the default value is ""

Calling a Stored Procedure

To call a procedure, you only need to enter the word CALL, followed by the name of the procedure, and then the parentheses, including all the parameters between them (variables or values). Parentheses are compulsory.

create procedure

call the procedure

Delete a Stored Procedure

Modify a Stored Procedure

MySQL provides an ALTER PROCEDURE statement to modify a routine, but only allows for the ability to change certain characteristics. If you need to alter the body or the parameters, you must drop and recreate the procedure.

Variables

define variables, and store values inside a procedure. You must declare them explicitly at the start of the BEGIN/END block, along with their data types. Once you've declared a variable, you can use it anywhere that you could use a session variable, or literal, or column name.

Working with variables

Flow Control Structures

MySQL supports the IF, CASE, ITERATE, LEAVE LOOP, WHILE and REPEAT constructs for flow control within stored programs.

CASE statement

The CASE statement is another way to check conditions and take the appropriate path. It's an excellent way to replace multiple IF statements.

WHILE statement

Cursors

Cursor is used to iterate through a set of rows returned by a query and process each row.

Union

UNION() is used to return the values from two or more tables without duplicates.

Note :-1. Column names may not be same but they are in same order with respect to datatypes.
2. Total number of columns while selecting the columns with UNION must be same.

Previous Next