How do I get the value of an Array without knowing the name of the Array

Question

im currently working on a user authentication system using expressJS. Therefore to encrypt my data I am using bcrypt. Then I save the encrypted data to a MySQL Database. Then when logging in I get the saved password using SELECT password FROM USERS WHERE email=${emailUserEntered}. Well that works but it gives me this output:

[
  {
    password: '$2b$10$MyvQenconTHygpwbY/1ExampleHashYju2i8Bq'
  }
]

My code:

  let userPassword = await db.promise().query(`SELECT password FROM USERS WHERE email='${req.body.email}';`);
  const data = userPassword[0].password;
  console.log(data)


  var result = bcrypt.compareSync(req.body.password, data);
  if (result) {
    res.send('SUCCESS!');
  } else {
    res.send('WRONG!');
  }

How can only get the actual hash as a String and not the brackets and all that?
Thanks in advance, have a nice day

Sorry, completely misunderstood. When you get that result, save it to a variable. Arrays don't have names anyway. From the variable, you want `whatever[0].password`. — Pointy, Jul 03 '22 at 12:28
Unfortunately doesnt work... That gives me the output: undefined — Ben Böckmann, Jul 03 '22 at 12:38
It would help if you would post the actual code you're attempting. — Pointy, Jul 03 '22 at 12:56
I don't see any obvious problem with that code. If you `console.log(userPassword)` after the `await` line, it shows the structure you first posted? — Pointy, Jul 03 '22 at 13:06
exactly... and i want only the hash as a string. Not the entire structure around it — Ben Böckmann, Jul 03 '22 at 13:07
Yes I understand (now), it doesn't really make sense that the code wouldn't work as written unless the Node console is being weird. — Pointy, Jul 03 '22 at 13:14

Przemyslaw · Accepted Answer · 2022-07-03T13:30:04.093

1

I suspect your library's query() might be returning a [rows, fields] array.
mysql2's query() does, at least.

Maybe the below?:

  let [rows, fields] = await db.promise().query(`SELECT password FROM USERS WHERE email='${req.body.email}';`);
  const password = rows[0].password;
  console.log(password)

Warning: also, the above code may potentially lead to a frightful SQL injection depending on what may hide under the req.body.email. Please take a look at the Prepared Statements to mitigate this. More info: How can prepared statements protect from SQL injection attacks?.

edited Jul 03 '22 at 13:30

answered Jul 03 '22 at 13:14

Przemyslaw

457
1
3
13

2

Omg thank you so much man. Thats exactly it! Keep it up and have a good one – Ben Böckmann Jul 03 '22 at 13:18
@BenBöckmann: glad to help! Please also watch out for a potential SQL injection in there . – Przemyslaw Jul 03 '22 at 13:32

Ahsan Shah · Answer 2 · 2022-07-03T13:02:47.253

0

I guess you are using JavaScript, so you can do something like that

const {password} = JSON.parse(JSON.stringify(SQL_QUERY_RES).then(items=>items[0])

or

const data = JSON.parse(JSON.stringify(SQL_QUERY_RES))[0].password

edited Jul 03 '22 at 13:02

answered Jul 03 '22 at 12:29

Ahsan Shah

9
2

Unfortunately doesnt work... They both give the output: undefined – Ben Böckmann Jul 03 '22 at 12:37
Are you sure you are getting this output. Try using console.log here, – Ahsan Shah Jul 03 '22 at 13:02
@BenBöckmann I have updated the above code, please try now – Ahsan Shah Jul 03 '22 at 13:03
Thanks man but that wasnt it unfortunately... I now get the error: ```JSON.stringify is not a function``` – Ben Böckmann Jul 03 '22 at 13:07

How do I get the value of an Array without knowing the name of the Array

2 Answers2