Check out example codes for "node js mysql escape string". It will help you in understanding the concepts better.

Code Example 1

// Escape values:

let escaped = mysql.escape('myString');

// or

mysql.query(
  "SELECT * FROM `table` WHERE `str1`=? AND `str2`=?",
  ['myString1', 'myString2'],
  (err, result)=>{}
);

// Escape identifiers:

mysql.query(
  "SELECT * FROM ??",	// note the double ?
  ['tablename'],
  (err, result)=>{}
);

Learn ReactJs, React Native from akashmittal.com