From the course: Node.js: Security

Use prepared statements for SQL/NoSQL

- [Instructor] A prepared statement is basically the use of a template in your code with empty values when making queries to the server, and then as the command is executed, the empty values are replaced with the data needed to fulfill the query. The beauty of most of today's tools for querying databases is that they already include them, so if you are using Mongoose for MongoDB, or Sequelize to query SQL databases, you've got this area covered already, so the general guideline here is to use those tools, like we're doing in our application, and if you're not, you'll thank me both from a security perspective and a development perspective, as they make querying and setting up your server with the database much easier. If you would like more information on the subject, for Mongo development, go to this webpage, mongoosejs.com, and on this page, you'll find more information about how to set it up, what it saves you, and so on, so forth. And if you prefer developing with SQL, then use…
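
The template-plus-values idea described above, as an added example that is not part of the course material: a tagged template builds the `{ text, values }` pair that drivers such as node-postgres accept, so user input never enters the SQL text. The function names, the `users` table and the sample inputs are assumptions made for illustration.

```javascript
// Added example: keep the SQL template and the user data apart.
// `sql`, `findUserUnsafe`, `findUserPrepared` and `compare` are hypothetical names.

// Builds { text, values }: each ${...} becomes a numbered placeholder ($1, $2, ...)
// and the interpolated value goes into a separate array, never into the SQL text.
function sql(strings, ...values) {
  let text = strings[0];
  for (let i = 0; i < values.length; i++) {
    text += `$${i + 1}` + strings[i + 1];
  }
  return { text, values };
}

// Anti-pattern: input is concatenated, so it becomes part of the statement itself.
function findUserUnsafe(email) {
  return { text: "SELECT id, name FROM users WHERE email = '" + email + "'", values: [] };
}

// Prepared form: the statement is a fixed template; the input travels as data.
function findUserPrepared(email) {
  return sql`SELECT id, name FROM users WHERE email = ${email}`;
}

// Counts single quotes; an odd count means the input altered the statement's structure.
function quoteCount(text) {
  return (text.match(/'/g) || []).length;
}

// Constructed sample inputs (not from the course).
const inputs = ["alice@example.com", "o'brien@example.com"];

// Runs both builders over each input and reports what ended up in the SQL text.
function compare() {
  return inputs.map((email) => {
    const unsafe = findUserUnsafe(email);
    const prepared = findUserPrepared(email);
    return {
      email,
      unsafeBalanced: quoteCount(unsafe.text) % 2 === 0,
      preparedText: prepared.text,
      preparedValues: prepared.values,
    };
  });
}

console.log(compare());
```

The prepared text is identical for every input, which is what lets the database parse the statement once and treat whatever arrives in `values` purely as data.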
