Closed SeregPie closed 7 years ago
Hi @SeregPie I know you just made your PR, but I just got PR #9 landed. Do you think that (1) is this still useful to have, and if so (2) should it be implemented in terms of .toSqlString
?
I think toSqlString
is just over complicated and does not feel intuitive for me. So i need to create a new object for every value I want to not be escaped.
Your example.
var CURRENT_TIMESTAMP = { toSqlString: function() { return 'CURRENT_TIMESTAMP()'; } };
var sql = SqlString.format('UPDATE posts SET modified = ? WHERE id = ?', [CURRENT_TIMESTAMP, 42]);
Could be just like this.
var sql = SqlString.format('UPDATE posts SET modified = ? WHERE id = ?', [SqlString.escaped('CURRENT_TIMESTAMP()'), 42]);
And you can still use objects if you want, by using the standard toString
function.
var CURRENT_TIMESTAMP = { toString: function() { return 'CURRENT_TIMESTAMP()'; } };
var sql = SqlString.format('UPDATE posts SET modified = ? WHERE id = ?', [SqlString.escaped(CURRENT_TIMESTAMP), 42]);
Why open a new PR without commenting that in the other PR first? At least right now, I can't merge this due tobmerge conflicts. Can you resolve them?
resolved
Hi @SeregPie I see you closed this PR. I'm going to land this tonight to get a new version, in which the implementation would be basically what you write here, except with the instanceof
checks removed and the class changed to
function Escaped(val) {
this.toSqlString = function toSqlString() {
return String(val);
};
}
Not sure why the closure instead of changing it, and I can commit this under you as the author, but don't want to do that unless you are OK with it. Probably if I don't hear anything in the next 10 hours or so, I'll just commit myself, otherwise let me know if you want to be the author.
Sorry. Yes, you can commit it this way. Thank you.
Hello.
Nearly a year ago I created an issue. https://github.com/mysqljs/mysql/issues/1542 Now I take the task in my hand. =)