Parameterizing MySQL Queries in Node
Blog: Oracle BPM
To mitigate SQL injection attacks, queries that use user-provided input should be parameterized. This post discusses how to use named and unnamed parameters in a Node application, then shows how to use the SQL Template Tag module to create unnamed placeholders and the related values in a single statement.
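The sketch below is an added example, not code from the original post or from the SQL Template Tag module. It shows the idea behind both approaches: user input ends up in a values array and never in the SQL text. The names `Fragment`, `sqlTag`, `namedToUnnamed`, the `users` table and the sample input are all hypothetical.

```javascript
// Hypothetical minimal tag written for this example (not the sql-template-tag module).
// Fragments are class instances, so a JSON object from a request cannot pose as one.
class Fragment {
  constructor(sql, values) {
    this.sql = sql;
    this.values = values;
  }
}

// Tagged template: literal parts become SQL text; every interpolation becomes
// one unnamed `?` placeholder, with its value appended to `values` in order.
function sqlTag(strings, ...params) {
  let text = strings[0];
  const values = [];
  params.forEach((param, i) => {
    if (param instanceof Fragment) {
      text += param.sql; // nested fragment: splice its text and values in place
      values.push(...param.values);
    } else {
      text += "?";
      values.push(param);
    }
    text += strings[i + 1];
  });
  return new Fragment(text, values);
}

// Named parameters: rewrite each `:name` to `?` and order the values to match.
// Simplified: it does not skip `:name` sequences inside quoted SQL literals.
function namedToUnnamed(query, named) {
  const values = [];
  const sql = query.replace(/:([A-Za-z_]\w*)/g, (match, name) => {
    if (!Object.prototype.hasOwnProperty.call(named, name)) {
      throw new Error(`missing value for parameter :${name}`);
    }
    values.push(named[name]);
    return "?";
  });
  return { sql, values };
}

// Constructed sample input shaped like an injection attempt.
const userInput = "x' OR '1'='1";
const demoTag = () => {
  const ageFilter = sqlTag`age >= ${18}`;
  return sqlTag`SELECT id FROM users WHERE name = ${userInput} AND ${ageFilter}`;
};
const demoNamed = () => namedToUnnamed(
  "SELECT id FROM users WHERE name = :name AND age >= :age", { name: userInput, age: 18 });
console.log(demoTag(), demoNamed());
```

Both calls yield the same statement text with two `?` placeholders. The resulting `sql` and `values` pair is what a driver call of the form `connection.query(sql, values)` takes.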