[Tutorial] An Introduction to Node.js Servers (and Express.js)

Nice. If you’re inserting data into the database from users, be extra careful to sanitize the inputs to avoid SQL injection problems. I included an example in my other sample code.

const sql = "SELECT * FROM monsters WHERE id = ?"; // use a question mark
connection.query(sql, [id], function (err, results, fields) {
  // ...
});
1 Like
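
An added example, not part of the original post or of the mysql package: the same placeholder query wrapped in a helper that also checks the id's type before binding, since Express body and query parsers can hand a handler arrays or objects instead of strings. `parseMonsterId`, `getMonsterById` and `makeRecordingConnection` are hypothetical names, and the connection is a constructed stand-in so the block runs without a database.

```javascript
const MONSTER_BY_ID = "SELECT * FROM monsters WHERE id = ?"; // constant SQL text

// Accept only a positive integer (number or decimal string). Arrays and objects,
// which body/query parsers can produce, never reach the query.
function parseMonsterId(raw) {
  if (typeof raw === "number") return Number.isSafeInteger(raw) && raw > 0 ? raw : null;
  if (typeof raw === "string" && /^[1-9][0-9]{0,14}$/.test(raw)) return Number(raw);
  return null;
}

function getMonsterById(connection, rawId, callback) {
  const id = parseMonsterId(rawId);
  if (id === null) {
    // Fail closed: no query is sent for an id that is not a positive integer.
    return callback(new TypeError("id must be a positive integer"));
  }
  // The value travels in the array, separate from the SQL string.
  connection.query(MONSTER_BY_ID, [id], function (err, results) {
    if (err) return callback(err);
    callback(null, results[0] || null);
  });
}

// Constructed stand-in for a mysql connection: records each query it receives.
function makeRecordingConnection(rows) {
  const calls = [];
  return {
    calls,
    query(sql, values, cb) {
      calls.push({ sql, values });
      cb(null, rows.filter((row) => row.id === values[0]), []);
    },
  };
}

// Runs constructed inputs through the helper and reports what reached the driver.
function demo() {
  const conn = makeRecordingConnection([{ id: 7, name: "constructed sample row" }]);
  const outcomes = [];
  for (const raw of ["7", 7, "7 OR 1=1", ["7"], { id: 7 }, ""]) {
    getMonsterById(conn, raw, (err, row) => outcomes.push(err ? "rejected" : row));
  }
  return { outcomes, calls: conn.calls };
}

console.log(demo());
```

Only the first two inputs reach the driver, and both arrive with the identical SQL string and the value `7` in the array.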