Escaping query values
前面我们介绍了 escape 的简单用法,下面再看一个例子,它对几种不同数据类型的值分别进行转义:
// Each query embeds exactly one value, passed through Firebird.escape() before
// it becomes part of the SQL text. Going by the output shown on this page, a
// number is emitted unquoted, a string and a Date are emitted as single-quoted
// literals, and a boolean is emitted as 1.
// Any value that originates from user input must go through escape() in the
// same way; concatenating it raw would let it change the statement itself.
// NOTE(review): the sample output on this page shows month '00' for the Date
// value — confirm the date formatting of your library version before relying
// on it in comparisons.
const sql1 = `SELECT * FROM TBL_USER WHERE ID>${Firebird.escape(1)}`;
const sql2 = `SELECT * FROM TBL_USER WHERE NAME=${Firebird.escape('Peer')}`;
const sql3 = `SELECT * FROM TBL_USER WHERE CREATED<=${Firebird.escape(new Date())}`;
const sql4 = `SELECT * FROM TBL_USER WHERE NEWSLETTER=${Firebird.escape(true)}`;

// Print the finished statements in declaration order.
for (const statement of [sql1, sql2, sql3, sql4]) {
  console.log(statement);
}
运行结果为:
SELECT * FROM TBL_USER WHERE ID>1
SELECT * FROM TBL_USER WHERE NAME='Peer'
SELECT * FROM TBL_USER WHERE CREATED<='2016-00-06 17:12:53'
SELECT * FROM TBL_USER WHERE NEWSLETTER=1
请参照上面示例中的几种参数类型(数字、字符串、日期、布尔值)自己动手练一练,看看转义后的结果分别是什么样的。需要注意:凡是来自用户输入的值,在拼接进 SQL 之前都必须经过 escape 处理;escape 只用于转义值,不适用于表名、列名等标识符。