Could someone explains the next error ?
Request :
Select Code, Clef_decryptage from [DataBase].[dbo].[Principal] WHERE Id_device = {{{payload.type}}}
msg.payload.type is String[7] and equals "744DF02"
Error :
RequestError: Incorrect syntax near 'DF02'.
What type of data is stored in the table? Table definition would be nice.
Ci dessous la d茅finition des colonnes de la table :

I have now a more explicit error :
RequestError: Conversion failed when converting the varchar value '744DF02' to data type int.
I believe you're missing quotation marks around parameter type in your statement. It should be something like:
Select Code, Clef_decryptage from [DataBase].[dbo].[Principal] WHERE Id_device = '{{{payload.type}}}'
But this is not a good practice to do so I would recommend you to use input parameters instead.
new sql.Request();
.input('type', msg.payload.type);
.query('Select Code, Clef_decryptage from [DataBase].[dbo].[Principal] WHERE Id_device = @type').then(function(recordset) {
console.dir(recordset);
}).catch(function(err) {
// ... error checks
});
Thanks, the first correction is working.
But as I'm using the Node-Red Node MSSQL, I have only a "Request" field, where I can't type your script : new sql.request() ...
Or I don't understand exactly what you meant.
What MSSQL module do you use with Node-Red?
The module you posted doesn't support parametrized statements so the approach I wrote is irrelevant. Please, keep in mind that once you concatenate statements manually, you also have to sanitize your statements against sql injection manually.
.input('type', msg.payload.type);
sql.connect(config, () => {
var request = new sql.Request();
request.input("msg", req.body.BodyMessage);
request.input("id", req.params.id);
request.query(
"UPDATE Notification SET BodyMessage=@msg WHERE Id=@id",
function (err, recordset) {
if (err) {
res.send(err);
} else {
res.status(200).send(recordset);
}
}
);
});
Most helpful comment
I believe you're missing quotation marks around parameter
typein your statement. It should be something like:But this is not a good practice to do so I would recommend you to use input parameters instead.