1

See below code:

con.query(`SELECT * FROM alltime WHERE user = '${message.author.id}'`, function (err, result, fields) {
        if (err) throw err;

        Object.keys(result).forEach(function (key) {
            var results = result[key];

if (results.afk === 1) {

                alltime = con.query(`UPDATE alltime SET afk = false, reason = NULL, afktime = NULL WHERE user="${message.author.id}"`), (err, rows) => {
                    if (err) throw err;
                }
                scores = con.query(`UPDATE scores SET afk = false, reason = NULL, afktime = NULL WHERE user="${message.author.id}"`), (err, rows) => {
                    if (err) throw err;
                }
                
                //Run Queries
                alltime;
                scores;

Is it possible to run alltime & scores in one query? I am maxing out connections a lot on Clear DB and looking to cut down load.

Any help will be appreciated :)

I have tried all the following answers on here but they don't seem to work. Maybe it's because i'm using JS?

QueenInTheNorth
  • 107
  • 3
  • 12
  • Your code is **wide open** to sQL injection attacks. **You will be hacked** if you haven't been already. Never concatenate data directly to an SQL query. Use parameterized queries. – Brad Mar 31 '19 at 01:31
  • It's a discord bot, there is no way to inject through discord via my commands created. I have already explored this. Thanks for the input though. Do you know the answer to my question? – QueenInTheNorth Mar 31 '19 at 01:37
  • 2
    Some day, you'll make a change in your application and your queries are going to break, I assure you. Do things the right way, and then you don't have to worry about it later. It takes no additional time or effort on your behalf. – Brad Mar 31 '19 at 01:41
  • While i agree with Brad, in this Case `message.author.id` is not a user selected value, so therese no risk here, but I am sure you have other commands where you concatenate user input directly into the query. – PLASMA chicken Mar 31 '19 at 09:32

0 Answers0