How do I escape % in Knex where like query?

挽巷 2021-01-18 00:09

I'm using knex to generate my SQL queries. In knex documentation, it shows this

knex('users').where('columnName', 'like', '

6 answers
  •  盖世英雄少女心
    2021-01-18 01:09

    For this case I would rather use string interpolation from ES6 (safe version)

    knex('table').where('description', 'like', `%${term}%`)
    

    or ?? parameter binding

    knex('table').whereRaw('description like \'%??%\'', [term])
    

    But in the first case, you must be 100% sure that term is valid, because of the possibility of SQL injection.
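
The question is about matching a literal `%` in a `like` filter. As an added example (not from the thread or from knex itself), this escapes the LIKE wildcards in the term and passes it through a `?` value binding with an explicit ESCAPE character. The helper names, the `!` escape character and the sample rows are assumptions, and `likeToRegExp` is a simplified stand-in for the database's LIKE so the block runs without one.

```javascript
// Added example: helper names and sample rows are constructed for illustration.
const ESC = '!'; // escape character declared in the SQL ESCAPE clause

// Prefix LIKE wildcards (% and _) and the escape character itself.
function escapeLike(term) {
  return Array.from(String(term), (c) =>
    (c === '%' || c === '_' || c === ESC ? ESC + c : c)).join('');
}

// Arguments for knex('table').whereRaw(sql, bindings).
// `??` binds an identifier, `?` binds a value, so the term is never SQL text.
function containsClause(column, term) {
  return {
    sql: `?? like ? escape '${ESC}'`,
    bindings: [column, `%${escapeLike(term)}%`],
  };
}

// Simplified local model of LIKE with an ESCAPE character (case-sensitive).
const reEsc = (s) => s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
function likeToRegExp(pattern) {
  let re = '';
  for (let i = 0; i < pattern.length; i++) {
    const c = pattern[i];
    if (c === ESC && i + 1 < pattern.length) re += reEsc(pattern[++i]);
    else if (c === '%') re += '.*';
    else if (c === '_') re += '.';
    else re += reEsc(c);
  }
  return new RegExp(`^${re}$`, 's');
}

// Constructed sample data standing in for the `description` column.
const ROWS = ['50% off', '500 off', 'a_b', 'axb'];

// Rows matched when the term is escaped before binding.
function searchEscaped(term) {
  const re = likeToRegExp(containsClause('description', term).bindings[1]);
  return ROWS.filter((r) => re.test(r));
}

// Rows matched when the raw term is wrapped in % without escaping.
function searchUnescaped(term) {
  const re = likeToRegExp(`%${term}%`);
  return ROWS.filter((r) => re.test(r));
}

console.log(searchUnescaped('50%'), searchEscaped('50%'));
```

Without escaping, a term containing `%` or `_` still runs as a bound value but matches more rows than the user typed.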
