{"id":5768,"date":"2017-06-15T00:23:41","date_gmt":"2017-06-15T07:23:41","guid":{"rendered":"http:\/\/www.mysqltutorial.org\/?page_id=5768"},"modified":"2024-01-03T17:53:15","modified_gmt":"2024-01-04T00:53:15","slug":"select","status":"publish","type":"page","link":"https:\/\/www.mysqltutorial.org\/mysql-nodejs\/select\/","title":{"rendered":"Querying Data in MySQL Database from Node.js"},"content":{"rendered":"\n<p><strong>Summary<\/strong>: in this tutorial, you will learn how to query data from a table in MySQL from a Node.js application.<\/p>\n\n\n\n<p class=\"note\">This tutorial picks up where the <a href=\"https:\/\/www.mysqltutorial.org\/mysql-nodejs\/insert\/\">Inserting Rows into a Table from Node.js<\/a> tutorial left off.<\/p>\n\n\n\n<p>The steps for querying data in the MySQL database from a Node.js application are as follows:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.mysqltutorial.org\/mysql-nodejs\/connect\/\">Establish a connection to the MySQL server<\/a>.<\/li>\n\n\n\n<li>Execute a <a href=\"https:\/\/www.mysqltutorial.org\/mysql-basics\/mysql-select-from\/\"><code>SELECT<\/code><\/a> statement and process the result set.<\/li>\n\n\n\n<li>Close the database connection.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Executing a simple query<\/h2>\n\n\n\n<p>Create a new file called <code>select.js<\/code> in the project directory and add the following code to query data from the <code>todos<\/code> table of the <code>todoapp<\/code> database:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-1\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\"><span class=\"hljs-keyword\">let<\/span> mysql = <span class=\"hljs-built_in\">require<\/span>(<span class=\"hljs-string\">'mysql'<\/span>);\n\n<span class=\"hljs-keyword\">let<\/span> connection = mysql.createConnection({\n  <span class=\"hljs-attr\">host<\/span>: process.env.DB_HOST,\n  <span class=\"hljs-attr\">port<\/span>: process.env.DB_PORT,\n  <span class=\"hljs-attr\">user<\/span>: process.env.DB_USER,\n  <span class=\"hljs-attr\">password<\/span>: process.env.DB_PASSWORD,\n  <span class=\"hljs-attr\">database<\/span>: process.env.DB_NAME,\n});\n\nconnection.connect(<span class=\"hljs-function\">(<span class=\"hljs-params\">err<\/span>) =&gt;<\/span> {\n  <span class=\"hljs-keyword\">if<\/span> (err) <span class=\"hljs-keyword\">return<\/span> <span class=\"hljs-built_in\">console<\/span>.error(err.message);\n\n  <span class=\"hljs-keyword\">let<\/span> sql = <span class=\"hljs-string\">`SELECT * FROM todos`<\/span>;\n\n  connection.query(sql, &#91;<span class=\"hljs-literal\">true<\/span>], (error, results, fields) =&gt; {\n    <span class=\"hljs-keyword\">if<\/span> (error) <span class=\"hljs-keyword\">return<\/span> <span class=\"hljs-built_in\">console<\/span>.error(error.message);\n    <span class=\"hljs-built_in\">console<\/span>.log(results);\n  });\n\n  <span class=\"hljs-comment\">\/\/ close the database connection<\/span>\n  connection.end();\n});<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-1\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>How it works.<\/p>\n\n\n\n<p>First, import the <code>mysql.js<\/code> module:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-2\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\"><span class=\"hljs-keyword\">let<\/span> mysql = <span class=\"hljs-built_in\">require<\/span>(<span class=\"hljs-string\">'mysql'<\/span>);<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-2\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Second, create a database connection using the <code>createConnection()<\/code> method and provide connection details like host, port, user, password, and database name:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-3\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\"><span class=\"hljs-keyword\">let<\/span> connection = mysql.createConnection({\n  <span class=\"hljs-attr\">host<\/span>: process.env.DB_HOST,\n  <span class=\"hljs-attr\">port<\/span>: process.env.DB_PORT,\n  <span class=\"hljs-attr\">user<\/span>: process.env.DB_USER,\n  <span class=\"hljs-attr\">password<\/span>: process.env.DB_PASSWORD,\n  <span class=\"hljs-attr\">database<\/span>: process.env.DB_NAME,\n});<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-3\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Note that we store the values of the connection details in the <code>.env<\/code> file:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-4\" data-shcb-language-name=\"plaintext\" data-shcb-language-slug=\"plaintext\"><span><code class=\"hljs language-plaintext\">DB_HOST=localhost\nDB_PORT=3306\nDB_USER=user\nDB_PASSWORD=password\nDB_NAME=todoapp<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-4\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">plaintext<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">plaintext<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Third, create a connection to the MySQL server. If there&#8217;s an during the connection process, log the error message to the console:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-5\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\">connection.connect(<span class=\"hljs-function\">(<span class=\"hljs-params\">err<\/span>) =&gt;<\/span> {\n  <span class=\"hljs-keyword\">if<\/span> (err) <span class=\"hljs-keyword\">return<\/span> <span class=\"hljs-built_in\">console<\/span>.error(err.message);\n  <span class=\"hljs-comment\">\/\/ Connection successful, proceed with queries<\/span>\n  <span class=\"hljs-comment\">\/\/ ...<\/span>\n});\n<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-5\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Fourth, execute a <code>SELECT<\/code> query:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-6\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\"><span class=\"hljs-keyword\">let<\/span> sql = <span class=\"hljs-string\">`SELECT * FROM todos`<\/span>;\n\nconnection.query(sql, &#91;<span class=\"hljs-literal\">true<\/span>], (error, results, fields) =&gt; {\n  <span class=\"hljs-keyword\">if<\/span> (error) <span class=\"hljs-keyword\">return<\/span> <span class=\"hljs-built_in\">console<\/span>.error(error.message);\n  <span class=\"hljs-built_in\">console<\/span>.log(results);\n});<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-6\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>In this code, we prepare a <code><a href=\"https:\/\/www.mysqltutorial.org\/mysql-basics\/mysql-select-from\/\">SELECT<\/a><\/code> statement that retrieves data from the <code>todos<\/code> table. Then we use the <code>query()<\/code> method to execute the query.<\/p>\n\n\n\n<p>If the error occurs during the query execution, we log the error message. Otherwise, we display the rows to the console.<\/p>\n\n\n\n<p>Finally, close the database connection:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-7\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\">connection.end();<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-7\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Let&#8217;s run the <code>select.js<\/code> program.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-8\" data-shcb-language-name=\"plaintext\" data-shcb-language-slug=\"plaintext\"><span><code class=\"hljs language-plaintext\">node --env-file .env select.js<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-8\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">plaintext<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">plaintext<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Output:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-9\" data-shcb-language-name=\"plaintext\" data-shcb-language-slug=\"plaintext\"><span><code class=\"hljs language-plaintext\">&#91;\n  RowDataPacket { id: 1, title: 'Learn how to insert a new row', completed: 1},\n  RowDataPacket { id: 2, title: 'Insert a new row with placeholders', completed: 0\n  RowDataPacket { id: 3, title: 'Master Node.js MySQL', completed: 0 },\n  RowDataPacket { id: 4, title: 'Build Node.js \/ MySQL App', completed: 1 }\n]<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-9\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">plaintext<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">plaintext<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>It returned 4 rows with each row wrapped in a <code>RowDataPacket<\/code> object.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Passing data to the query<\/h2>\n\n\n\n<p>The following creates a <code>select_completed.js<\/code> program that retrieves completed todos from the <code>todos<\/code> table:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-10\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\"><span class=\"hljs-keyword\">let<\/span> mysql = <span class=\"hljs-built_in\">require<\/span>(<span class=\"hljs-string\">'mysql'<\/span>);\n\n<span class=\"hljs-keyword\">let<\/span> connection = mysql.createConnection({\n  <span class=\"hljs-attr\">host<\/span>: process.env.DB_HOST,\n  <span class=\"hljs-attr\">port<\/span>: process.env.DB_PORT,\n  <span class=\"hljs-attr\">user<\/span>: process.env.DB_USER,\n  <span class=\"hljs-attr\">password<\/span>: process.env.DB_PASSWORD,\n  <span class=\"hljs-attr\">database<\/span>: process.env.DB_NAME,\n});\n\nconnection.connect(<span class=\"hljs-function\">(<span class=\"hljs-params\">err<\/span>) =&gt;<\/span> {\n  <span class=\"hljs-keyword\">if<\/span> (err) <span class=\"hljs-keyword\">return<\/span> <span class=\"hljs-built_in\">console<\/span>.error(err.message);\n\n  <span class=\"hljs-keyword\">let<\/span> sql = <span class=\"hljs-string\">`SELECT * FROM todos WHERE completed=?`<\/span>;\n\n  connection.query(sql, &#91;<span class=\"hljs-literal\">true<\/span>], (error, results, fields) =&gt; {\n    <span class=\"hljs-keyword\">if<\/span> (error) <span class=\"hljs-keyword\">return<\/span> <span class=\"hljs-built_in\">console<\/span>.error(error.message);\n    <span class=\"hljs-built_in\">console<\/span>.log(results);\n  });\n\n  <span class=\"hljs-comment\">\/\/ close the database connection<\/span>\n  connection.end();\n});\n<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-10\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Output:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-11\" data-shcb-language-name=\"plaintext\" data-shcb-language-slug=\"plaintext\"><span><code class=\"hljs language-plaintext\">&#91;\n  RowDataPacket { id: 1, title: 'Learn how to insert a new row', completed: 1 },\n  RowDataPacket { id: 4, title: 'Build Node.js \/ MySQL App', completed: 1}\n]<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-11\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">plaintext<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">plaintext<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>In this example, we use the placeholder (<code>?<\/code>) in the <code>SELECT<\/code> statement: <\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-12\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\"><span class=\"hljs-keyword\">let<\/span> sql = <span class=\"hljs-string\">`SELECT * FROM todos WHERE completed=?`<\/span>;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-12\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>and bind values to it in the <code>query()<\/code> method:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-13\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\">connection.query(sql, &#91;<span class=\"hljs-literal\">true<\/span>], (error, results, fields) =&gt; {\n  <span class=\"hljs-keyword\">if<\/span> (error) <span class=\"hljs-keyword\">return<\/span> <span class=\"hljs-built_in\">console<\/span>.error(error.message);\n  <span class=\"hljs-built_in\">console<\/span>.log(results);\n});<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-13\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Node.js will replace the <code>?<\/code> int the <code>SELECT<\/code> statement by the <code>true<\/code> argument in the <code>query()<\/code> method when executing the query.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Preventing SQL injection<\/h2>\n\n\n\n<p>Suppose, you want to query a todo based on a specified ID, you might come up with the following code:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-14\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\"><span class=\"hljs-keyword\">let<\/span> mysql = <span class=\"hljs-built_in\">require<\/span>(<span class=\"hljs-string\">'mysql'<\/span>);\n\n<span class=\"hljs-keyword\">let<\/span> connection = mysql.createConnection({\n  <span class=\"hljs-attr\">host<\/span>: process.env.DB_HOST,\n  <span class=\"hljs-attr\">port<\/span>: process.env.DB_PORT,\n  <span class=\"hljs-attr\">user<\/span>: process.env.DB_USER,\n  <span class=\"hljs-attr\">password<\/span>: process.env.DB_PASSWORD,\n  <span class=\"hljs-attr\">database<\/span>: process.env.DB_NAME,\n});\n\n<span class=\"hljs-keyword\">let<\/span> id = process.argv&#91;<span class=\"hljs-number\">2<\/span>]; <span class=\"hljs-comment\">\/\/ pass argument to query<\/span>\n\nconnection.connect(<span class=\"hljs-function\">(<span class=\"hljs-params\">err<\/span>) =&gt;<\/span> {\n  <span class=\"hljs-keyword\">if<\/span> (err) <span class=\"hljs-keyword\">return<\/span> <span class=\"hljs-built_in\">console<\/span>.error(err.message);\n\n  <span class=\"hljs-keyword\">let<\/span> sql = <span class=\"hljs-string\">`SELECT * FROM todos WHERE id=`<\/span> + id;\n\n  connection.query(sql, &#91;<span class=\"hljs-literal\">true<\/span>], (error, results, fields) =&gt; {\n    <span class=\"hljs-keyword\">if<\/span> (error) <span class=\"hljs-keyword\">return<\/span> <span class=\"hljs-built_in\">console<\/span>.error(error.message);\n    <span class=\"hljs-built_in\">console<\/span>.log(results);\n  });\n\n  <span class=\"hljs-comment\">\/\/ close the database connection<\/span>\n  connection.end();\n});<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-14\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>For example, you can select the todo with id 1:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-15\" data-shcb-language-name=\"CSS\" data-shcb-language-slug=\"css\"><span><code class=\"hljs language-css\"> <span class=\"hljs-selector-tag\">node<\/span> <span class=\"hljs-selector-tag\">--env-file<\/span> <span class=\"hljs-selector-class\">.env<\/span> <span class=\"hljs-selector-tag\">select_by_id<\/span><span class=\"hljs-selector-class\">.js<\/span> 1<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-15\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">CSS<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">css<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Output:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-16\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\">&#91; RowDataPacket { <span class=\"hljs-attr\">id<\/span>: <span class=\"hljs-number\">1<\/span>, <span class=\"hljs-attr\">title<\/span>: <span class=\"hljs-string\">'Learn how to insert a new row'<\/span>, <span class=\"hljs-attr\">completed<\/span>: <span class=\"hljs-number\">1<\/span> } ]<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-16\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>The program returns the expected data but it has a security issue called SQL injection. <\/p>\n\n\n\n<p>This means a malicious user could manipulate the program by passing SQL code as an argument, potentially causing unauthorized access or data manipulation in the database. <\/p>\n\n\n\n<p>For example, the malicious may pass the following argument to the program to retrieve all rows from the <code>todos<\/code> table:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-17\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\">node --env-file .env select_by_id.js <span class=\"hljs-string\">'1 OR 1 = 1;'<\/span> <\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-17\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>In this command, the <code>'1 OR 1 = 1;'<\/code> is SQL code not the id of the todo.<\/p>\n\n\n\n<p>To address the SQL injection, you need to use either the placeholder (<code>?<\/code>) and bind the value to the parameter:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-18\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\"><span class=\"hljs-keyword\">let<\/span> sql = <span class=\"hljs-string\">`SELECT * FROM todos WHERE completed=?`<\/span>;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-18\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p> or the <code>escape()<\/code> method of the <code>mysql<\/code> or <code>connection<\/code> object as follows:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-19\" data-shcb-language-name=\"JavaScript\" data-shcb-language-slug=\"javascript\"><span><code class=\"hljs language-javascript\"><span class=\"hljs-keyword\">let<\/span> sql = <span class=\"hljs-string\">`SELECT * FROM todos WHERE id = `<\/span> + mysql.escape(id);<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-19\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">JavaScript<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">javascript<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>In this tutorial, you have learned how to query data in the MySQL database from a Node.js program.<\/p>\n<div class=\"helpful-block-content\" data-title=\"\">\n\t<header>\n\t\t<div class=\"wth-question\">Was this tutorial helpful? <\/div>\n\t\t<div class=\"wth-thumbs\">\n\t\t\t<button\n\t\t\t\tdata-post=\"5768\"\n\t\t\t\tdata-post-url=\"https:\/\/www.mysqltutorial.org\/mysql-nodejs\/select\/\"\n\t\t\t\tdata-post-title=\"Querying Data in MySQL Database from Node.js\"\n\t\t\t\tdata-response=\"1\"\n\t\t\t\tclass=\"wth-btn-rounded wth-yes-btn\"\n\t\t\t>\n\t\t\t\t<svg\n\t\t\t\t\txmlns=\"http:\/\/www.w3.org\/2000\/svg\"\n\t\t\t\t\tviewBox=\"0 0 24 24\"\n\t\t\t\t\tfill=\"none\"\n\t\t\t\t\tstroke=\"currentColor\"\n\t\t\t\t\tstroke-width=\"2\"\n\t\t\t\t\tstroke-linecap=\"round\"\n\t\t\t\t\tstroke-linejoin=\"round\"\n\t\t\t\t\tclass=\"feather feather-thumbs-up block w-full h-full\"\n\t\t\t\t>\n\t\t\t\t\t<path\n\t\t\t\t\t\td=\"M14 9V5a3 3 0 0 0-3-3l-4 9v11h11.28a2 2 0 0 0 2-1.7l1.38-9a2 2 0 0 0-2-2.3zM7 22H4a2 2 0 0 1-2-2v-7a2 2 0 0 1 2-2h3\"\n\t\t\t\t\t><\/path>\n\t\t\t\t<\/svg>\n\t\t\t\t<span class=\"sr-only\"> Yes <\/span>\n\t\t\t<\/button>\n\n\t\t\t<button\n\t\t\t\tdata-response=\"0\"\n\t\t\t\tdata-post=\"5768\"\n\t\t\t\tdata-post-url=\"https:\/\/www.mysqltutorial.org\/mysql-nodejs\/select\/\"\n\t\t\t\tdata-post-title=\"Querying Data in MySQL Database from Node.js\"\n\t\t\t\tclass=\"wth-btn-rounded wth-no-btn\"\n\t\t\t>\n\t\t\t\t<svg\n\t\t\t\t\txmlns=\"http:\/\/www.w3.org\/2000\/svg\"\n\t\t\t\t\tviewBox=\"0 0 24 24\"\n\t\t\t\t\tfill=\"none\"\n\t\t\t\t\tstroke=\"currentColor\"\n\t\t\t\t\tstroke-width=\"2\"\n\t\t\t\t\tstroke-linecap=\"round\"\n\t\t\t\t\tstroke-linejoin=\"round\"\n\t\t\t\t>\n\t\t\t\t\t<path\n\t\t\t\t\t\td=\"M10 15v4a3 3 0 0 0 3 3l4-9V2H5.72a2 2 0 0 0-2 1.7l-1.38 9a2 2 0 0 0 2 2.3zm7-13h2.67A2.31 2.31 0 0 1 22 4v7a2.31 2.31 0 0 1-2.33 2H17\"\n\t\t\t\t\t><\/path>\n\t\t\t\t<\/svg>\n\t\t\t\t<span class=\"sr-only\"> No <\/span>\n\t\t\t<\/button>\n\t\t<\/div>\n\t<\/header>\n\n\t<div class=\"wth-form hidden\">\n\t\t<div class=\"wth-form-wrapper\">\n\t\t\t<div class=\"wth-title\"><\/div>\n\t\t\t\n\t\t\t<textarea class=\"wth-message\"><\/textarea>\n\n\t\t\t<button class=\"btn btn-primary wth-btn-submit\">Send<\/button>\n\t\t\t<button class=\"btn wth-btn-cancel\">Cancel<\/button>\n\t\t\n\t\t<\/div>\n\t<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>In this tutorial, you will learn how to query data from a table in the MySQL database from a node.js application using the mysql module.<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":5759,"menu_order":3,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-5768","page","type-page","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Querying Data in MySQL Database from a Node.js Program<\/title>\n<meta name=\"description\" content=\"In this tutorial, you will learn how to query data from a table in the MySQL database from the Node.js application using the mysql module.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.mysqltutorial.org\/mysql-nodejs\/select\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Querying Data in MySQL Database from a Node.js Program\" \/>\n<meta property=\"og:description\" content=\"In this tutorial, you will learn how to query data from a table in the MySQL database from the Node.js application using the mysql module.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.mysqltutorial.org\/mysql-nodejs\/select\/\" \/>\n<meta property=\"og:site_name\" content=\"MySQL Tutorial\" \/>\n<meta property=\"article:modified_time\" content=\"2024-01-04T00:53:15+00:00\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.mysqltutorial.org\\\/mysql-nodejs\\\/select\\\/\",\"url\":\"https:\\\/\\\/www.mysqltutorial.org\\\/mysql-nodejs\\\/select\\\/\",\"name\":\"Querying Data in MySQL Database from a Node.js Program\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.mysqltutorial.org\\\/#website\"},\"datePublished\":\"2017-06-15T07:23:41+00:00\",\"dateModified\":\"2024-01-04T00:53:15+00:00\",\"description\":\"In this tutorial, you will learn how to query data from a table in the MySQL database from the Node.js application using the mysql module.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.mysqltutorial.org\\\/mysql-nodejs\\\/select\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.mysqltutorial.org\\\/mysql-nodejs\\\/select\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.mysqltutorial.org\\\/mysql-nodejs\\\/select\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.mysqltutorial.org\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"MySQL Node.js\",\"item\":\"https:\\\/\\\/www.mysqltutorial.org\\\/mysql-nodejs\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Querying Data in MySQL Database from Node.js\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.mysqltutorial.org\\\/#website\",\"url\":\"https:\\\/\\\/www.mysqltutorial.org\\\/\",\"name\":\"MySQL Tutorial\",\"description\":\"A comprehensive MySQL Tutorial\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.mysqltutorial.org\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Querying Data in MySQL Database from a Node.js Program","description":"In this tutorial, you will learn how to query data from a table in the MySQL database from the Node.js application using the mysql module.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.mysqltutorial.org\/mysql-nodejs\/select\/","og_locale":"en_US","og_type":"article","og_title":"Querying Data in MySQL Database from a Node.js Program","og_description":"In this tutorial, you will learn how to query data from a table in the MySQL database from the Node.js application using the mysql module.","og_url":"https:\/\/www.mysqltutorial.org\/mysql-nodejs\/select\/","og_site_name":"MySQL Tutorial","article_modified_time":"2024-01-04T00:53:15+00:00","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.mysqltutorial.org\/mysql-nodejs\/select\/","url":"https:\/\/www.mysqltutorial.org\/mysql-nodejs\/select\/","name":"Querying Data in MySQL Database from a Node.js Program","isPartOf":{"@id":"https:\/\/www.mysqltutorial.org\/#website"},"datePublished":"2017-06-15T07:23:41+00:00","dateModified":"2024-01-04T00:53:15+00:00","description":"In this tutorial, you will learn how to query data from a table in the MySQL database from the Node.js application using the mysql module.","breadcrumb":{"@id":"https:\/\/www.mysqltutorial.org\/mysql-nodejs\/select\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.mysqltutorial.org\/mysql-nodejs\/select\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.mysqltutorial.org\/mysql-nodejs\/select\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.mysqltutorial.org\/"},{"@type":"ListItem","position":2,"name":"MySQL Node.js","item":"https:\/\/www.mysqltutorial.org\/mysql-nodejs\/"},{"@type":"ListItem","position":3,"name":"Querying Data in MySQL Database from Node.js"}]},{"@type":"WebSite","@id":"https:\/\/www.mysqltutorial.org\/#website","url":"https:\/\/www.mysqltutorial.org\/","name":"MySQL Tutorial","description":"A comprehensive MySQL Tutorial","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.mysqltutorial.org\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/www.mysqltutorial.org\/wp-json\/wp\/v2\/pages\/5768","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mysqltutorial.org\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.mysqltutorial.org\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.mysqltutorial.org\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mysqltutorial.org\/wp-json\/wp\/v2\/comments?post=5768"}],"version-history":[{"count":5,"href":"https:\/\/www.mysqltutorial.org\/wp-json\/wp\/v2\/pages\/5768\/revisions"}],"predecessor-version":[{"id":14087,"href":"https:\/\/www.mysqltutorial.org\/wp-json\/wp\/v2\/pages\/5768\/revisions\/14087"}],"up":[{"embeddable":true,"href":"https:\/\/www.mysqltutorial.org\/wp-json\/wp\/v2\/pages\/5759"}],"wp:attachment":[{"href":"https:\/\/www.mysqltutorial.org\/wp-json\/wp\/v2\/media?parent=5768"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}