Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- var mysql = require('mysql');
- var express = require('express');
- var connection = mysql.createConnection({
- host: 'localhost',
- user: 'root',
- database: 'injection',
- password: '',
- multipleStatements: true // Mengaktifkan eksekusi multiple statement
- });
- connection.connect(function(err){
- if(!err) {
- console.log("Berhasil terkoneksi dengan database !!!");
- } else {
- console.log("Gagal terkoneksi dengan database !!!");
- }
- });
- var app = express();
- app.get('/:id', function(req, res, next) {
- //Query SQL yang tidak terfilter dengan benar
- connection.query('SELECT * FROM users WHERE id="' + req.param('id') + '"', function(err, rows, fields) {
- if (err) {
- next(err);
- return;
- }
- res.send(JSON.stringify(rows));
- });
- });
- app.listen(3000);
- console.log('Server Berjalan Port 3000 :)');
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement