Updating records in Microsoft SQL Server from a Node.js application is a common task. Using the mssql package you can execute UPDATE queries with parameterized inputs to avoid SQL injection.
Step 1: Install mssql Package
bash
npm install mssql
Step 2: Configure MSSQL Connection
js
const sql = require('mssql');const config = {
user: 'your_username',
password: 'your_password',
server: 'localhost',
database: 'your_db',
options: {
encrypt: true, // Use for Azure
trustServerCertificate: true, // For local dev
},
};
Also Read: Impact Of Serverless On Node.js Development in 2025
Step 3: Execute an UPDATE Query
js
async function updateUserEmail(userId, newEmail) {try {
let pool = await sql.connect(config);
await pool
.request()
.input('email', sql.VarChar, newEmail)
.input('id', sql.Int, userId)
.query('UPDATE Users SET Email = @email WHERE Id = @id');
console.log('Update successful');
} catch (err) {
console.error('Update failed', err);
}
}
This is type safe and SQL injection proof.
Conclusion
Now you know how to update SQL Server records from Node.js using mssql package with parameterized queries for security.
