{"id":903,"date":"2026-05-20T09:55:05","date_gmt":"2026-05-20T01:55:05","guid":{"rendered":"https:\/\/junai.ai\/blog\/nodejs-db-pg-18\/"},"modified":"2026-05-20T09:55:05","modified_gmt":"2026-05-20T01:55:05","slug":"nodejs-db-pg-18","status":"publish","type":"post","link":"https:\/\/junai.ai\/blog\/nodejs-db-pg-18\/","title":{"rendered":"PostgreSQL \uc5f0\ub3d9 \u2014 node-postgres\ub85c CRUD"},"content":{"rendered":"\n<!-- WordPress REST API \ubc1c\ud589\uc6a9 HTML (\uc790\ub3d9 \uc0dd\uc131) -->\n<!-- WP-FEATURED-MEDIA-ID: 850 -->\n<div style=\"max-width:800px;margin:0 auto;\">\n<style>\n:root {--color-primary:#059669;--color-accent:#10b981;--color-bg:#fafbfc;--color-bg-card:#fff;--color-text:#1a202c;--color-text-muted:#64748b;--hero-start:#064e3b;--hero-end:#059669;}\n*{box-sizing:border-box;}\n.container{max-width:760px;margin:0 auto;padding:0 24px 80px;}\n.hero{background:linear-gradient(135deg,var(--hero-start) 0%,var(--hero-end) 100%);color:#fff;padding:80px 24px 60px;text-align:center;}\n.hero .eyebrow{display:inline-block;font-size:14px;color:#6ee7b7;font-weight:700;letter-spacing:0.1em;text-transform:uppercase;margin-bottom:14px;}\n.hero h1{font-size:36px;margin:0 0 16px;line-height:1.3;font-weight:800;}\n.hero p{color:#d1fae5;font-size:18px;max-width:640px;margin:0 auto;line-height:1.6;}\n.hero img{width:100%;max-width:640px;height:auto;margin:32px auto 0;border-radius:10px;display:block;}\narticle{padding-top:48px;}\narticle h2{font-size:26px;margin:56px 0 20px;padding-left:14px;border-left:5px solid var(--color-accent);line-height:1.4;}\narticle h3{font-size:19px;margin:32px 0 12px;color:var(--color-primary);}\narticle p{margin:16px 0;}\narticle strong{color:var(--color-primary);font-weight:700;}\narticle code{background:#d1fae5;padding:2px 8px;border-radius:4px;font-family:'SF Mono',Menlo,Consolas,monospace;font-size:14px;color:#065f46;}\n.databox{background:#d1fae5;border-left:4px solid var(--color-accent);padding:16px 20px;margin:24px 0;border-radius:0 8px 8px 0;font-size:15.5px;}\n.databox strong{color:var(--color-primary);}\n.warnbox{background:linear-gradient(135deg,#fef3c7 0%,#fde68a 100%);padding:16px 20px;margin:24px 0;border-radius:8px;font-size:15.5px;}\n.tablewrap{overflow-x:auto;-webkit-overflow-scrolling:touch;margin:22px 0;}\ntable{width:100%;border-collapse:collapse;font-size:15px;background:var(--color-bg-card);}\nth,td{padding:11px 12px;text-align:left;border-bottom:1px solid #e2e8f0;vertical-align:top;}\nth{background:#f1f5f9;font-weight:700;color:#0f172a;}\ntd:first-child,th:first-child{font-weight:700;}\n@media (max-width:560px){.tablewrap table,.tablewrap thead,.tablewrap tbody,.tablewrap tr,.tablewrap th,.tablewrap td{display:block;width:auto;}.tablewrap thead{display:none;}.tablewrap tr{margin:0 0 14px;border:1px solid #e2e8f0;border-radius:10px;overflow:hidden;}.tablewrap td{border:none;border-bottom:1px solid #f1f5f9;padding:9px 14px;}.tablewrap td:first-child{background:#f1f5f9;font-weight:800;font-size:15.5px;}.tablewrap td:last-child{border-bottom:none;}.tablewrap td[data-label]::before{content:attr(data-label) \" \u2014 \";font-weight:700;color:var(--color-primary);}}\n.code-block{background:#0f172a;color:#e2e8f0;padding:16px 20px;border-radius:8px;font-family:'SF Mono',Menlo,Consolas,monospace;font-size:14px;line-height:1.6;margin:20px 0;overflow-x:auto;white-space:pre;}\n.cta{background:linear-gradient(135deg,#059669 0%,#10b981 100%);color:#fff;padding:28px 24px;border-radius:12px;margin:48px 0 0;text-align:center;}\n.cta h3{color:#fff;margin:0 0 8px;font-size:20px;}\n.cta p{color:#d1fae5;margin:0;font-size:15.5px;}\n.footer-nav{margin-top:32px;padding-top:20px;border-top:1px solid #e2e8f0;font-size:14px;color:var(--color-text-muted);}\n.footer-nav a{color:var(--color-primary);text-decoration:none;}\n@media (max-width:480px){.hero h1{font-size:26px;}.hero p{font-size:16px;}article h2{font-size:21px;}article h3{font-size:17px;}body{font-size:16px;}}\n<\/style>\n<section class=\"hero\">\n  <span class=\"eyebrow\">Node.js \uad50\uc7ac \u00b7 18\ud3b8 \u00b7 PostgreSQL<\/span>\n  <h1>PostgreSQL \uc5f0\ub3d9 \u2014 node-postgres\ub85c CRUD<\/h1>\n  <p>Express \uc640 DB \uac00 \ub9cc\ub098\ub294 \uc9c0\uc810. 5\uc904\uc9dc\ub9ac \ubcf4\uc548 \uc0ac\uace0\ub97c \ubbf8\ub9ac \ucc28\ub2e8.<\/p>\n  <img decoding=\"async\" src=\"https:\/\/junai.ai\/blog\/wp-content\/uploads\/2026\/05\/hero-5-81.jpg\" alt=\"Node \uac00 PostgreSQL \ud480\uc5d0 \uc5f0\uacb0\ub418\ub294 \ucee8\uc149 \uc77c\ub7ec\uc2a4\ud2b8\">\n<\/section>\n\n<div class=\"container\">\n<article>\n\n<p>\uc9c0\uae08\uae4c\uc9c0 \ub370\uc774\ud130\ub97c \uba54\ubaa8\ub9ac \ubc30\uc5f4\uc5d0 \ub123\uace0 \ud749\ub0b4\ub0c8\ub2e4. \uc774\uc81c \uc9c4\uc9dc \u2014 PostgreSQL. <strong>node-postgres<\/strong> (\ubcf4\ud1b5 <code>pg<\/code> \ub77c \ubd80\ub984) \uac00 Node \uc9c4\uc601 \ud45c\uc900 \ud074\ub77c\uc774\uc5b8\ud2b8. \ub9e4\uc8fc 3\ucc9c\ub9cc+ \ub2e4\uc6b4\ub85c\ub4dc, ORM \ub4e4\uc774 \ub2e4 \uc774\uac78 \uae30\ubc18\uc73c\ub85c \ud55c\ub2e4.<\/p>\n\n<p>\uc774\ubc88 \ud3b8\uc740 raw SQL \ub85c CRUD. ORM(Prisma\u00b7Drizzle)\uc740 \uc704\uc5d0 \uc5b9\ub294 \ucd94\uc0c1\ud654\uace0, \uadf8 \ubc11\uc5d0\uc11c \uc77c\uc5b4\ub098\ub294 \uc77c\uc744 \ud55c \ubc88\uc740 \ubd10\uc57c \ub514\ubc84\uae45\uc774 \ube68\ub77c\uc9c4\ub2e4.<\/p>\n\n<h2>1. \uc124\uce58\uc640 \uccab \ucffc\ub9ac<\/h2>\n\n<div class=\"code-block\">$ npm install pg\n$ npm install -D @types\/pg     # TS \uc4f8 \ub54c<\/div>\n\n<p>\uac00\uc7a5 \ub2e8\uc21c\ud55c \ucffc\ub9ac:<\/p>\n\n<div class=\"code-block\">\/\/ db.js\nimport pg from &#8216;pg&#8217;;\nconst { Pool } = pg;\n\nconst pool = new Pool({\n  connectionString: process.env.DATABASE_URL,\n});\n\nconst { rows } = await pool.query(&#8216;SELECT NOW() AS now&#8217;);\nconsole.log(rows);\n\/\/ [ { now: 2026-04-25T01:23:45.678Z } ]<\/div>\n\n<p><code>DATABASE_URL<\/code> \uc740 17\ud3b8 dotenv \ucc55\ud130\uc758 \uc608\uc2dc \ud615\uc2dd \u2014 <code>postgres:\/\/user:pass@host:5432\/dbname<\/code>. \ud55c \uc904\ub85c \ub05d.<\/p>\n\n<h2>2. Pool vs Client \u2014 \uc65c Pool \uc778\uac00<\/h2>\n\n<p><code>pg<\/code> \ub294 \ub450 \uac00\uc9c0 \ud074\ub798\uc2a4\ub97c \uc81c\uacf5\ud55c\ub2e4.<\/p>\n\n<div class=\"tablewrap\">\n<table>\n<thead><tr><th>\uad6c\ubd84<\/th><th>Client<\/th><th>Pool<\/th><\/tr><\/thead>\n<tbody>\n<tr><td>\uc5f0\uacb0 \uc218<\/td><td data-label=\"Client\">1\uac1c<\/td><td data-label=\"Pool\">\uc5ec\ub7ec \uac1c \uc7ac\uc0ac\uc6a9<\/td><\/tr>\n<tr><td>\uc77c\uc0dd<\/td><td data-label=\"Client\">\uc218\ub3d9 connect\/end<\/td><td data-label=\"Pool\">\uc790\ub3d9 \uad00\ub9ac<\/td><\/tr>\n<tr><td>\uc801\ud569\ud55c \uacf3<\/td><td data-label=\"Client\">\uc9e7\uc740 \uc2a4\ud06c\ub9bd\ud2b8<\/td><td data-label=\"Pool\">\uc6f9 \uc11c\ubc84 (\uc0ac\uc2e4\uc0c1 \ud56d\uc0c1)<\/td><\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n\n<p><strong>\uc6f9 \uc11c\ubc84\ub294 \ubb34\uc870\uac74 Pool<\/strong>. \ub9e4 \uc694\uccad\ub9c8\ub2e4 \uc0c8 \uc5f0\uacb0 \ub9cc\ub4e4\uba74 TCP \ud578\ub4dc\uc170\uc774\ud06c\u00b7\uc778\uc99d\uc73c\ub85c 100ms \uac00\uae4c\uc774 \uc4f4\ub2e4. Pool \uc740 \ubbf8\ub9ac N\uac1c \uc5f0\uacb0\uc744 \ub9cc\ub4e4\uc5b4 \ub450\uace0 \uc694\uccad\ub9c8\ub2e4 \ube4c\ub824\uc900 \ub4a4 \ubc18\ub0a9. \uac19\uc740 \uc77c\uc5d0 1ms.<\/p>\n\n<h2>3. \ud30c\ub77c\ubbf8\ud130 \ubc14\uc778\ub529 \u2014 SQL Injection \ubc29\uc9c0<\/h2>\n\n<p><strong>\uac00\uc7a5 \uc911\uc694\ud55c \ubcf4\uc548 \uaddc\uce59<\/strong>. \uc0ac\uc6a9\uc790 \uc785\ub825\uc744 SQL \ubb38\uc790\uc5f4\uc5d0 \uc9c1\uc811 \ubc15\uc9c0 \ub9d0 \uac83.<\/p>\n\n<div class=\"code-block\">\/\/ \u274c \uc808\ub300 \uae08\uc9c0 \u2014 SQL Injection \ucc9c\uad6d\nconst result = await pool.query(\n  `SELECT * FROM users WHERE id = &#8216;${userId}&#8217;`\n);\n\/\/ userId = &#8220;1&#8217; OR 1=1; &#8211;&#8221; \uc774\uba74 \uc804\uccb4 \ud14c\uc774\ube14 \ub178\ucd9c\n\n\/\/ \u2705 \ud30c\ub77c\ubbf8\ud130 \ubc14\uc778\ub529 \u2014 $1, $2&#8230; \uc704\uce58\nconst result = await pool.query(\n  &#8216;SELECT * FROM users WHERE id = $1&#8217;,\n  [userId]\n);<\/div>\n\n<p><code>pg<\/code> \uac00 \uc548\uc804\ud558\uac8c escape \ud558\uace0 PostgreSQL \uc5d0 \uc804\ub2ec\ud55c\ub2e4. \uc0ac\uc6a9\uc790\uac00 \uc5b4\ub5a4 \uac12\uc744 \ub123\uc5b4\ub3c4 SQL \uad6c\uc870\uac00 \uc548 \uae68\uc9c4\ub2e4.<\/p>\n\n<div class=\"warnbox\">\n<strong>\ucd5c\uc545\uc758 \uc0ac\uace0<\/strong> \u2014 &#8220;\ub0b4\ubd80 \uc5b4\ub4dc\ubbfc\uc774\ub77c \uc548\uc804\ud574\uc694&#8221; \uac19\uc740 \ud551\uacc4\ub85c \ubb38\uc790\uc5f4 concat. \ud55c \uc904\ub85c \ud68c\uc0ac DB \uc804\uccb4 \ub178\ucd9c. Node \uc9c4\uc601\uc5d0\uc11c SQL Injection \uc0ac\uace0\uc758 99% \uac00 \uc774 \ud328\ud134. <strong>\uc608\uc678 \uc5c6\uc774 \ubb34\uc870\uac74 $1 \ubc14\uc778\ub529<\/strong>.\n<\/div>\n\n<h2>4. CRUD 4\uac00\uc9c0 \ud480 \uc14b<\/h2>\n\n<div class=\"code-block\">\/\/ CREATE\nconst { rows: [post] } = await pool.query(\n  `INSERT INTO posts (title, body, author_id)\n   VALUES ($1, $2, $3)\n   RETURNING *`,\n  [title, body, authorId]\n);\n\n\/\/ READ \u2014 \ubaa9\ub85d\nconst { rows: posts } = await pool.query(\n  `SELECT id, title, created_at FROM posts\n   WHERE author_id = $1\n   ORDER BY created_at DESC\n   LIMIT $2 OFFSET $3`,\n  [authorId, perPage, (page &#8211; 1) * perPage]\n);\n\n\/\/ READ \u2014 \ub2e8\uc77c\nconst { rows: [post] } = await pool.query(\n  &#8216;SELECT * FROM posts WHERE id = $1&#8217;,\n  [id]\n);\nif (!post) throw new NotFoundError(&#8216;\uae00&#8217;);\n\n\/\/ UPDATE\nconst { rowCount } = await pool.query(\n  `UPDATE posts SET title = $1, body = $2, updated_at = NOW()\n   WHERE id = $3 AND author_id = $4`,\n  [title, body, id, currentUserId]\n);\nif (rowCount === 0) throw new NotFoundError(&#8216;\uae00 \ub610\ub294 \uad8c\ud55c&#8217;);\n\n\/\/ DELETE\nawait pool.query(&#8216;DELETE FROM posts WHERE id = $1&#8217;, [id]);<\/div>\n\n<p>\ub450 \uac00\uc9c0 \ud328\ud134 \u2014 <strong><code>RETURNING *<\/code><\/strong> \uc73c\ub85c INSERT\/UPDATE \ud6c4 \uacb0\uacfc \ubc1b\uae30, <strong><code>WHERE id = $1 AND author_id = $2<\/code><\/strong> \ub85c \uc18c\uc720\uad8c\uae4c\uc9c0 \ud55c \ucffc\ub9ac\uc5d0\uc11c \uac80\uc0ac. \ubbf8\ub4e4\uc6e8\uc5b4 \uc5c6\uc774\ub3c4 \ubcf4\uc548\uc774 \ub2e8\ub2e8\ud574\uc9c4\ub2e4.<\/p>\n\n<h2>5. \ud2b8\ub79c\uc7ad\uc158 \u2014 \ubaa8\ub450 \uc131\uacf5 or \ubaa8\ub450 \uc2e4\ud328<\/h2>\n\n<p>\uc1a1\uae08\ucc98\ub7fc \uc5ec\ub7ec \ucffc\ub9ac\uac00 \ubb36\uc5ec\uc57c \ud558\ub294 \uacbd\uc6b0. \ud55c \ucffc\ub9ac \uc2e4\ud328\ud558\uba74 \ub2e4 \ub864\ubc31.<\/p>\n\n<div class=\"code-block\">async function transfer(fromId, toId, amount) {\n  const client = await pool.connect();  \/\/ \uac19\uc740 \uc5f0\uacb0 \uc720\uc9c0\n  try {\n    await client.query(&#8216;BEGIN&#8217;);\n    await client.query(\n      &#8216;UPDATE accounts SET balance = balance &#8211; $1 WHERE id = $2&#8217;,\n      [amount, fromId]\n    );\n    await client.query(\n      &#8216;UPDATE accounts SET balance = balance + $1 WHERE id = $2&#8217;,\n      [amount, toId]\n    );\n    await client.query(&#8216;COMMIT&#8217;);\n  } catch (err) {\n    await client.query(&#8216;ROLLBACK&#8217;);\n    throw err;\n  } finally {\n    client.release();      \/\/ \ud480\uc5d0 \ubc18\ub0a9 (\ud544\uc218!)\n  }\n}<\/div>\n\n<p>\ud575\uc2ec \u2014 <code>pool.connect()<\/code> \ub85c <strong>\uac19\uc740 \uc5f0\uacb0<\/strong>\uc744 \ube4c\ub824, <code>BEGIN<\/code>\u00b7<code>COMMIT<\/code>\/<code>ROLLBACK<\/code>. \ub05d\ub098\uba74 <strong><code>client.release()<\/code><\/strong> \ud544\uc218. \uc548 \ud558\uba74 \ud480 \uace0\uac08\ub85c \ub2e4\uc74c \uc694\uccad\uc774 \uba48\ucd98\ub2e4.<\/p>\n\n<div class=\"databox\">\n<strong>\uc2e4\uc804 \u2014 ORM \uc73c\ub85c \uac00\ub294 \uae38<\/strong> \u2014 raw <code>pg<\/code> \ub85c 5~10 \ud14c\uc774\ube14\uc744 \ub2e4\ub8e8\ub2e4 \ubcf4\uba74 \ud0c0\uc785 \uc548\uc804\uc131\u00b7\ub9c8\uc774\uadf8\ub808\uc774\uc158\uc774 \uadf8\ub9ac\uc6cc\uc9c4\ub2e4. \uadf8 \ub2e8\uacc4\uac00 ORM \ub3c4\uc785 \uc2dc\uc810. <strong>Drizzle<\/strong>(\uac00\ubcbc\uc6c0, SQL \uadf8\ub300\ub85c) \ub610\ub294 <strong>Prisma<\/strong>(\ud3b8\ub9ac, \uc790\ub3d9 \uc0dd\uc131) \uac00 \uc591\uac15. \uc774 \uad50\uc7ac\ub294 raw pg \ub85c \uba48\ucd94\uc9c0\ub9cc, \ud68c\uc0ac \uac00\uba74 \uac70\uc758 ORM \ub9cc\ub09c\ub2e4.\n<\/div>\n\n<h3>\uc694\uc57d \u2014 18\ud3b8 \uc88c\ud45c<\/h3>\n\n<p>\uc5ec\uae30\uae4c\uc9c0 \uc815\ub9ac. <code>npm i pg<\/code> \u2192 <code>new Pool({ connectionString })<\/code> \u2192 <code>pool.query(sql, [params])<\/code>. \uc6f9 \uc11c\ubc84\ub294 \ubb34\uc870\uac74 Pool, Client \ub294 \uc9e7\uc740 \uc2a4\ud06c\ub9bd\ud2b8. <strong>$1 \ud30c\ub77c\ubbf8\ud130 \ubc14\uc778\ub529<\/strong>\uc774 SQL Injection \ubc29\uc9c0\uc758 \uc720\uc77c\ud55c \uc815\ub2f5. RETURNING \uc73c\ub85c INSERT \uacb0\uacfc \ubc1b\uae30, \ud2b8\ub79c\uc7ad\uc158\uc740 <code>pool.connect()<\/code> + <code>BEGIN\/COMMIT\/ROLLBACK<\/code> + <code>release()<\/code>. \ub2e4\uc74c \ud3b8\uc5d0\uc11c <strong>JWT \uc778\uc99d<\/strong>\uc73c\ub85c \ub85c\uadf8\uc778 \ud750\ub984\uc744 \ub9cc\ub4e0\ub2e4.<\/p>\n\n<div class=\"cta\">\n<h3>\ub2e4\uc74c \ud3b8 \uc608\uace0 \u2014 JWT \uc778\uc99d<\/h3>\n<p>\ub85c\uadf8\uc778 \ud750\ub984, \ud1a0\ud070 \ubc1c\uae09\u00b7\uac80\uc99d, refresh \ud328\ud134. 19\ud3b8.<\/p>\n<\/div>\n\n<div class=\"footer-nav\">\n\uc2dc\ub9ac\uc988 \u00b7 <a href=\"https:\/\/junai.ai\/blog\/category\/nodejs\/\">\uc27d\uac8c \ubc30\uc6b0\ub294 Node.js<\/a> \u00b7 \uc774\uc804: <a href=\"https:\/\/junai.ai\/blog\/nodejs-env-dotenv-17\/\">Ch.17 \ud658\uacbd\ubcc0\uc218<\/a>\n<\/div>\n\n<\/article>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Node.js \uc5d0\uc11c PostgreSQL \ub2e4\ub8e8\uae30 \u2014 node-postgres(pg) Pool\u00b7\ud30c\ub77c\ubbf8\ud130 \ubc14\uc778\ub529\u00b7\ud2b8\ub79c\uc7ad\uc158\u00b7SQL Injection \ubc29\uc9c0. \uad50\uc7ac 18\ud3b8.<\/p>\n","protected":false},"author":1,"featured_media":850,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[24],"tags":[],"class_list":["post-903","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-nodejs"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/posts\/903","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/comments?post=903"}],"version-history":[{"count":0,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/posts\/903\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/media\/850"}],"wp:attachment":[{"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/media?parent=903"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/categories?post=903"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/tags?post=903"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}