Closed cakoose closed 5 years ago
Something like the following:
console.log(SqlString.format('SELECT ?', [SqlString.raw(n.toString())]))
Ah, thanks! That does work, but one concern is that we'd lose some protection against SQL injection.
Does the "mysql" package allow replacing "sqlstring" with a different quoting function? I could write a custom function that handles all the standard types and also handles BigNumber.js.
Thanks, again!
No problem at all! Node.js updated the JavaScript and supports native BigInts now. I don't think this lib works with them, but I should be able to add support, which would mean if you're able to use the native BitInts, then you can use this without modification. It would be like console.log(SqlString.format('SELECT ?', [26000000000000000n]))
Yeah, BigInts currently come through quoted as well. Would be nice to fix that.
(It'll take us a while to migrate from BigNumber.js to native BigInt, so we'll need to use one of the other workarounds for now...)
Some of our columns are bigints and we're currently using BigNumber.js to work with those values.
My first attempt:
Doing
BigNumber.toString()
fixes that:But the problem is that quoting numbers causes MySQL to treat the value differently, and lose precision when doing arithmetic (bug):
Is there a way to use a "?" placeholder to produce an unquoted bigint value?