nodejs mssql insert with parameters

Question

I\'m new to NodeJS where I\'m trying to insert into a table with parameters so I can avoid SQL Injection and just escape any characters that might cause issues.

So

Answer 1

You can use the connection pool request object to add parameters, e.g.

const request = pool.request()
request.input('myval', sql.VarChar, 'value')
request.query('insert into testtable (somecolumn) values (@myval)', (err, result) => {
    console.dir(result)
})