Closed taobojlen closed 4 years ago
What about query/4? One of the tests we have, for brevity:
test "run simple statement with complex params", context do
conn = context[:conn]
row =
Bolt.Sips.query!(conn, "RETURN {x} AS n", %{x: %{abc: ["d", "e", "f"]}})
|> Response.first()
assert row["n"]["abc"] == ["d", "e", "f"]
end
Oh, my bad! I was searching for "parameter", so "params" didn't show up... Oops!
Thanks a lot for the fast reply :)
No worries :)
@tao-oat Keep in mind that due to deprecation Neo4j v4, it's better to use $param
instead of {param}
.
Cypher supports parameterized queries to help mitigate the risk of injection attacks.
It looks like
Bolt.Sips.query/2
only takes a connection and a string, and (as far as I can tell) none of the examples in this repo use parameterized queries. Does bolt_sips support these? If so, how do we use them without resorting to string building?