@cd2/es-qu-el
v0.14.0
Published
`yarn add @cd2/es-qu-el`
Downloads
99
Readme
ES-QU-EL
yarn add @cd2/es-qu-el
Sanitizing using the SQL function
The SQL
function will automatically escape any interpolated into the string.
import { SQL } from "@cd2/es-qu-el"
const userInput = `dangerous user input ' OR true; `
const sql = SQL`SELECT * FROM table WHERE thing=${userInput}`
A function can be interpolated which will get access to an object with many sanitizers:
const table = `my_table`
const sql = SQL`SELECT * FROM ${as => as.name(table)}`