I'm using TypeORM with MS SQL Server.
In TypeORM default set up SQL queries, generated by .insert
and .update
methods are compiling in parametrized queries in SQL.
Is there a way to switch to inlining of data instead of parametrization?
PS I know about possibility of SQL injections in this case, but:
You can use this style of inserts:
await getConnection()
.createQueryBuilder()
.insert()
.into(User)
.values({
firstName: "Timber",
lastName: () => "CONCAT('S', 'A', 'W')"
})
.execute();
And as you are aware, you need to escape anything inserted that way to protect against SQL injection.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.