[英]Parameterize sql query in go
I have a simple query like the one below. 我有一个简单的查询,如下所示。
select json_agg(row_to_json(t)) from (select *
from jobs, companies, locations
where jobs.company_id = companies.id and jobs.location_id = locations.id
$extra
and to_tsvector(jobs.name || ' ' || companies.name || ' ' || locations.name) @@ to_tsquery($1)
and to_tsvector(locations.name) @@ to_tsquery($2)
limit $3) t
But it has some problems regarding additional query. 但是它在附加查询方面存在一些问题。 The
$1
and $2
parameters is optional based on the query user requests. $1
和$2
参数是可选的,基于查询用户的请求。 But still, at least in this case to_tsquery
(postgresql) doesn't support any "match all" query like '*' so we must have the whole additional query and to_tsvector(locations.name) @@ to_tsquery($2)
with proper parameter or not at all. 但是仍然,至少在这种情况下,
to_tsquery
(postgresql)不支持任何“匹配所有”查询,例如“ *”,因此我们必须具有整个附加查询and to_tsvector(locations.name) @@ to_tsquery($2)
并带有适当的参数还是根本没有。
This makes building query based on parameter tiresome work since we have to copy same query and add additional query all the time, and it's easily add up. 这使基于参数的查询工作变得很麻烦,因为我们必须一直复制相同的查询并添加其他查询,而且添加起来很容易。 I have a solution in mind to use
strings.Replace
to add up additional queries, but still we need to escape the parameter if needed. 我有一个使用
strings.Replace
的解决方案,可以添加其他查询,但是如果需要,我们仍然需要对参数进行转义。 Is there any other solution can get this done in a clean way ? 还有其他解决方案可以干净地完成此操作吗?
Here the tricky solution, hope this can help you. 这里有棘手的解决方案,希望对您有所帮助。 this query example using syntax query for github.com/lib/pq
此查询示例使用针对github.com/lib/pq的语法查询
baseQuery := `
SELECT *
FROM
tableName
WHERE
(name ILIKE $1)`
params := []interface{}{"%" + nameLike + "%"}
// you can add optional criteria using this way
if condition==true {
baseQuery += fmt.Sprintf(` AND student_no=$%d`, len(params)+1)
params = append(params, studentNo)
}
filterQuery := baseQuery + ` ORDER BY contract_no ASC`
if totalLimit != 0 {
filterQuery += fmt.Sprintf(` LIMIT $%d OFFSET $%d`, len(params)+1, len(params)+2)
params = append(params, totalLimit, totalSkip)
}
rows, err := db.Query(filterQuery, params...)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.