I am using sequelize as my backend ORM. Now I wish to do some where operations on a Date.
More specifically, I want to get all data where a date is from now and 7 days
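I had to import the Operators symbols from sequelize and use them like so.

    const { Op } = require('sequelize')
    const moment = require('moment')

    // Rows whose start_datetime is on or after the moment 7 days ago
    model.findAll({
      where: {
        start_datetime: {
          [Op.gte]: moment().subtract(7, 'days').toDate()
        }
      }
    })
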
According to the docs, for security reasons this is considered best practice.
See http://docs.sequelizejs.com/manual/tutorial/querying.html for more info.
Using Sequelize without any aliases improves security. Some frameworks automatically parse user input into js objects and if you fail to sanitize your input it might be possible to inject an Object with string operators to Sequelize.
(...)
For better security it is highly advised to use Sequelize.Op and not depend on any string alias at all. You can limit alias your application will need by setting operatorsAliases option, remember to sanitize user input especially when you are directly passing them to Sequelize methods.
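
The sanitization the quoted docs call for, as an added example that is not part of the answer or the Sequelize documentation: request input supplies only scalar operands, and the server chooses the operator. The filter names, `buildWhere`, and the stand-in `Op` object are assumptions so the code runs without Sequelize installed.

```javascript
// Added example. `Op` is passed in as a parameter; in an application it would
// be `require('sequelize').Op`.
const ALLOWED_FIELDS = ['status', 'since']; // hypothetical filter names

function isScalar(v) {
  return typeof v === 'string' || typeof v === 'boolean' ||
    (typeof v === 'number' && Number.isFinite(v));
}

// Build a `where` object from parsed request input (e.g. a JSON body).
// User input only ever supplies operands; operators are chosen server-side.
function buildWhere(input, Op) {
  for (const key of Object.keys(input)) {
    if (!ALLOWED_FIELDS.includes(key)) {
      throw new TypeError(`unexpected filter: ${key}`);
    }
    if (!isScalar(input[key])) {
      // Objects and arrays are how string operator aliases would arrive.
      throw new TypeError(`filter "${key}" must be a scalar`);
    }
  }
  const where = {};
  if (input.status !== undefined) where.status = String(input.status);
  if (input.since !== undefined) {
    if (typeof input.since !== 'string') throw new TypeError('since must be a date string');
    const since = new Date(input.since);
    if (Number.isNaN(since.getTime())) throw new TypeError('invalid date');
    where.start_datetime = { [Op.gte]: since }; // symbol key, never a string alias
  }
  return where;
}

// Returns true when buildWhere refuses the input.
function rejects(input, Op) {
  try { buildWhere(input, Op); return false; } catch (e) { return e instanceof TypeError; }
}

// Constructed sample inputs, shaped as a JSON body parser would produce them.
const StandInOp = { gte: Symbol('gte') }; // stand-in for Sequelize's Op
const good = JSON.parse('{"status":"open","since":"2024-01-01T00:00:00Z"}');
const bad = JSON.parse('{"status":{"$ne":"open"}}');

console.log(buildWhere(good, StandInOp));
console.log('operator object rejected:', rejects(bad, StandInOp));
```

Because the operator key is a symbol, it cannot be produced by parsing JSON or a query string, which is why the check only has to constrain the operand.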