Closed dan-willett closed 5 years ago
Yes, that is correct. This is the default behavior for objects passed in as a secondary value. The toString() method is called and that returned value is escaped into a sql string.
value is an object, toString() is called on it and the returned value is used.
If you want that particular object to become a JSON formatted string (there are many other ways to represent objects into a column, so this library does not have any idea which is the appropriate one for your use case), you can three options:
I hope this helps!
I can't think of a single instance where " [ object Object ] " would be a useful value when preparing an SQL statement.
Although this did give me an idea for an alternative workaround:
Object.prototype.toString = function() {
if (this === null) return "null";
else return JSON.stringify(this);
}
While the above appears to work fine in testing in a browser, the above solution will not work in a NodeJS production environment do to the circular reference, and while the circular reference can be solved with a package such as circular-json or flatted, this will cause problems with other packages that rely on the default behavior of Object.prototype.toString.
I propose the following change to SqlString.escape() which will fix the problem without breaking any current functionality:
else if (stringifyObjects) {
return escapeString(val.toString());
}
would become:
else if (stringifyObjects) {
let returnval = val.toString();
if (returnval === "[object Object]") returnval = JSON.stringify(val);
return escapeString(returnval);
}
When using the format function to prepare a statement, if the data is an object, it is returning [object object] instead of stringifying the object.
for example:
Here is what sqlStr.format returns: "INSERT INTO table (cola, colb, colc) VALUES ('text',0,'[object Object]')"
Here is what it SHOULD return:
"INSERT INTO table (cola, colb, colc) VALUES ('text',0,'{"test1":"text","val1":1}')