Closed harmonic7 closed 3 years ago
Hi again @harmonic7 - it was never the intention of mustache in this node to be a substitute for actual parameters. It is litteraly a string substitute so unfortunately, if payload.name
is Des O'Connor
then the single quote is going to trip it up'
.
Now that the node actually supports parameters, this is much easier to handle...
msg.payload.name
INSERT INTO TempDestination VALUES ({{{payload.Id}}}, @name)
I will leave the issue open for @bestlong to comment, but it is my recommendation we leave mustache alone (for backwards compatibility)
Or if you are happy with the parameter solution, feel free to close this issue.
Fantastic, thanks for that @Steve-Mcl. I'll use the parameter syntax that you mention above 👍
Closing now.
Hi There, I see that the
payload.Name
doesn't get escaped before inserting into the database:For instance, if we have
payload.Name
containing a first character of'
, then thepayload.Name
is populated into the database as an empty string.