How to input a NodeJS variable into an SQL query

Question

I want to write an SQL query that contains a NodeJS variable. When I do this, it gives me an error of \'undefined\'.

I want the SQL query below to recognize the

Answer 1

If you are using > ES6 :

connection.query(`SELECT * FROM arrivals WHERE flight = ${flightNo}`, function(err, rows, fields) {

If you are < ES6 :

connection.query("SELECT * FROM arrivals WHERE flight = " + flightNo, function(err, rows, fields) {

Please note that this is VERY BAD practice as you will be vulnerable to SQL-injection attacks.