From 8e287ef943bf74589794efbcc0619263150bdb60 Mon Sep 17 00:00:00 2001
From: 0xflotus <0xflotus@gmail.com>
Date: Mon, 13 Jan 2020 13:48:59 +0100
Subject: [PATCH] Update avoid-command-injection-node.md

---
 docs/avoid-command-injection-node.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/avoid-command-injection-node.md b/docs/avoid-command-injection-node.md
index ad5ad27..5be0116 100644
--- a/docs/avoid-command-injection-node.md
+++ b/docs/avoid-command-injection-node.md
@@ -2,7 +2,7 @@
 
 In this post we are going to learn about the proper way to call a system command using node.js to avoid a common security flaw, command injection.
 
-A call that we often see used, due to it's symplicity is `child_process.exec`. It's got a simple pattern; pass in a command string and it calls you back with an error or the command results.
+A call that we often see used, due to it's simplicity is `child_process.exec`. It's got a simple pattern; pass in a command string and it calls you back with an error or the command results.
 
 Here is a very typical way you would call a system command with `child_process.exec.`
 
@@ -12,7 +12,7 @@ child_process.exec('ls', function (err, data) {
 });
 ```
 
-What happens though when you need to start getting user input for arguments into your command? The obvious solution is to take the user input and build your command out using string concatenation. But here's something I've learned over the years: When you use string concatentation to send data from one system to another you're probably going to have a bad day.
+What happens though when you need to start getting user input for arguments into your command? The obvious solution is to take the user input and build your command out using string concatenation. But here's something I've learned over the years: When you use string concatenation to send data from one system to another you're probably going to have a bad day.
 
 ```js
 var path = "user input";