Escaping parameters ($1, $2,...) when creating SQL functions

porsager / postgres

Postgres.js - The Fastest full featured PostgreSQL client for Node.js, Deno, Bun and CloudFlare

The Unlicense

7.09k stars 259 forks source link

Escaping parameters ($1, $2,...) when creating SQL functions #779

Open powibol opened 6 months ago

powibol commented 6 months ago

Hi all,

I am looking for the right way to escape $1, $2,..., when used inside a CREATE FUNCTION statement.

As a minimal example, let's say we have this query in a file:

CREATE OR REPLACE FUNCTION "sample_function"(integer) RETURNS boolean
AS
$$
SELECT CASE WHEN $1 > 15 THEN true ELSE false END AS x FROM (VALUES (1)) AS y
$$
LANGUAGE SQL
STABLE
RETURNS NULL ON NULL INPUT

How should I escape $$ and $1 in this example?

Thank you a lot in advance for your help!

Louis-Tian commented 6 months ago

I don't understand your question. Where is the value being passed in for the parameter $1. Can you please write out the entire javascript instead of just the sql part?

I could be wrong but I feel you trying to ask a generic PostgreSQL question? If so you should be asking ask on the PostgreSQL mailing list or their slack channel. This is the repo for "postgres.js" , a javascript client library for PostgreSQL.