docs: add note about use with NO_BACKSLASH_ESCAPES

kiprobinson · dougwilson · commit 4e6439809757 · 2017-09-24T15:05:10.000-04:00
diff --git a/README.md b/README.md
@@ -24,6 +24,10 @@ var SqlString = require('sqlstring');
 
 ### Escaping query values
 
+**Caution** These methods of escaping values only works when the
+[NO_BACKSLASH_ESCAPES](https://dev.mysql.com/doc/refman/5.7/en/sql-mode.html#sqlmode_no_backslash_escapes)
+SQL mode is disabled (which is the default state for MySQL servers).
+
 In order to avoid SQL Injection attacks, you should always escape any user
 provided data before using it inside a SQL query. You can do so using the
 `SqlString.escape()` method:
