Parameters may not be used for column or table names. This automatically sanitizes inputs RE: issue #57. There are three ways of passing bind parameters: directly in the function's arguments, as an array, and as an object for named parameters. They will be bound to the statement before it is executed. (optional): When the SQL statement contains placeholders, you can pass them in here. If no callback was passed and preparing fails, an error event will be emitted on the underlying Statement object. If the SQL query is invalid and a callback was passed to the function, it is called with an error object containing the error message from SQLite. The function returns the Database object for which it was called to allow for function chaining. Runs the SQL query with the specified parameters and calls the callback afterwards.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |