Skip to main content

mysql and mysql2

ExpressJS Create Database

app.get("/createdb", (req, res) => {
  let sql = "CREATE DATABASE rhymes";
  mysqlDb.query(sql, (err, result) => {
    if (err) {
      throw err;
    }
    console.log(res);
    res.send("Database created...");
  });
});

connect to database

To establish a MySQL database connection in an Express.js application, you'll need to follow a few steps:

  1. Install the necessary dependencies: In your Express.js project, you'll need to install the appropriate packages to work with MySQL. You can use npm or yarn to install the required packages. The two main packages you'll need are mysql and mysql2. You can install them by running the following command in your project's root directory:

    npm install mysql mysql2

  2. Require the MySQL module: In your Express.js application, you'll need to require the mysql or mysql2 module to use its functionality. You can do this by adding the following line at the top of your JavaScript file:

    const mysql = require('mysql'); // or require('mysql2');

  3. Create a database connection: To establish a connection to your MySQL database, you need to create a connection object with the necessary configuration parameters. These parameters typically include the host, user, password, and database name. Here's an example of creating a MySQL connection:

    const connection = mysql.createConnection({
      host: 'localhost',
      user: 'your_username',
      password: 'your_password',
      database: 'your_database_name'
    });

  4. Connect to the database: After creating the connection object, you need to call the connect method to initiate the connection with the MySQL database. You can do this as follows:

    connection.connect((error) => {
      if (error) {
        console.error('Error connecting to the database:', error);
      } else {
        console.log('Connected to the database.');
      }
    });

    It's important to handle any potential errors that may occur during the connection process.

  5. Perform database operations: Once the connection is established, you can perform various database operations using the connection object. This includes executing SQL queries, inserting data, updating records, deleting data, etc. You can use the query method provided by the mysql or mysql2 module to execute SQL statements.

    Here's an example of executing a simple SQL query to fetch data from a table:

    connection.query('SELECT * FROM users', (error, results) => {
      if (error) {
        console.error('Error executing the query:', error);
      } else {
        console.log('Results:', results);
      }
    });

  6. Close the connection: When you're done using the database connection, it's important to close it to free up resources. You can call the end method on the connection object to close the connection:

    connection.end((error) => {
      if (error) {
        console.error('Error closing the database connection:', error);
      } else {
        console.log('Database connection closed.');
      }
    });

    Closing the connection is typically done when your Express.js application is shutting down or when you no longer need to interact with the database.

These steps outline the basic process of establishing a MySQL database connection in an Express.js application. Remember to handle errors appropriately and consider using connection pooling for better performance in production environments.

parameterized Queries

The question mark (?) placeholder is used in the SQL query to represent a parameterized value. When using parameterized queries, the actual values are provided separately as an array or an object, and they are then bound to the placeholders in the query.

In this case, the ? is used as a placeholder for the rhyme object in the INSERT INTO query. The rhyme object contains the data to be inserted into the rhymes table. By using the ? placeholder, the code ensures that the values from the rhyme object are properly escaped and inserted into the query, preventing potential SQL injection attacks.

how the process works

  1. The sql variable contains the SQL statement: 'INSERT INTO rhymes SET ?'. The SET keyword is used to specify the values to be inserted.

  2. The rhyme object contains the data that will be inserted into the table. In this case, it has two properties: title and body. These properties correspond to columns in the rhymes table.

  3. The mysqlDb.query() method is called with the sql statement, the rhyme object, and a callback function that handles the result of the query.

  4. Inside the mysqlDb.query() method, the values from the rhyme object are automatically bound to the ? placeholder in the SQL query. This ensures that the data is properly escaped and formatted before being inserted into the query.

  5. When the query is executed, the result parameter in the callback function will contain information about the executed query, such as the number of affected rows or the inserted ID.

By using parameterized queries with the ? placeholder, you can safely insert data into the database without worrying about SQL injection vulnerabilities. It's important to properly validate and sanitize user input before inserting it into the database to ensure data integrity and security.