Fetching readings between a certain time period

For this operation, we need the following:

  • The type of reading desired
  • The two times between which we require readings
    // Fetch all readings of the given type whose createdAt lies strictly
    // between start and end. The table name is interpolated (it cannot be
    // a bound parameter), while start and end are passed as query
    // parameters so the library escapes them for us.
    const fetchReadingsBetweenTime = (type, start, end, callback) => {
      db.all(
        `SELECT * FROM ${type} WHERE createdAt > ? AND createdAt < ?;`,
        [start, end],
        callback
      )
    }

In this query, we do not use template string variables for the start and end values, and go for the library's query parameterization instead. Query parameterization is when we use a query template with placeholders and let the library fill in the required values, as opposed to hardcoding the entire query. The reason we do this is to prevent SQL injection. In all our previous queries, we constructed the query entirely within our system; those queries were never exposed to input from outside our server application.

This query is different in the sense that we plan to let the user choose the times between which they would like to see readings. The start and end parameters are, therefore, susceptible to outside interference and must be provided as query parameters to prevent SQL injection.

You can go to https://www.sohamkamani.com/blog/2016/11/24/what-is-sql-injection/ to learn more about SQL injection.
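To make the point above concrete, here is an added example (not code from the book) that stands in a recording fake for sqlite3's db.all and shows two things: user-supplied start/end values only ever reach the params array, never the SQL text, and the type value, which cannot be a bound parameter, is checked against an allow-list (the table names are assumed) before being interpolated.

```javascript
// Assumed reading tables; only these may be interpolated as a table name.
const ALLOWED_TYPES = ['temperature', 'humidity'];

// Stand-in for sqlite3's db.all(sql, params, callback): records each call
// instead of touching a database, so we can inspect what would be executed.
function makeRecordingDb() {
  const calls = [];
  return {
    calls,
    all(sql, params, callback) {
      calls.push({ sql, params });
      callback(null, []); // constructed: no rows, no error
    },
  };
}

// Same query as the book's fetchReadingsBetweenTime, with the type guarded.
// start/end are bound parameters; type is validated, then interpolated.
function fetchReadingsBetweenTime(db, type, start, end, callback) {
  if (!ALLOWED_TYPES.includes(type)) {
    return callback(new Error(`unknown reading type: ${type}`));
  }
  db.all(
    `SELECT * FROM ${type} WHERE createdAt > ? AND createdAt < ?;`,
    [start, end],
    callback
  );
}

// Run one fetch against a fresh recording db and return what it observed.
function recordCall(type, start, end) {
  const db = makeRecordingDb();
  let err = null;
  fetchReadingsBetweenTime(db, type, start, end, (e) => { err = e; });
  return { err, calls: db.calls };
}
```

With a valid type, a start value containing a quote character still leaves the SQL text identical to the clean call; with an unlisted type, nothing is sent to the database at all.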