A better and faster way for eval?
Posted
by
user1707250
on Stack Overflow
See other posts from Stack Overflow
or by user1707250
Published on 2012-11-25T22:17:35Z
Indexed on
2012/11/25
23:04 UTC
Read the original article
Hit count: 142
JavaScript
|node.js
I want to build my queries dynamically and use the following snippet:
--snip--
module.exports = {
get : function(req, res, next) {
var queryStr = "req.database.table('locations').get(parseInt(req.params.id))";
if (req.params.id) {
if (req.fields) {
queryStr += '.pick(' + req.fieldsStr + ')';
}
console.log(queryStr);
eval(queryStr).run(function(result) {
console.log(result);
res.send(result);
});
} else if (!req.params.id) {
--snip--
However introducing eval opens up my code to injection (req.fields is filled with url parameters) and I see the response time of my app increase from 7 to 11ms
Is there a smarter way to accomplish what I did here?
Please advice.
© Stack Overflow or respective owner