英文:
How to use wildcard in sql query in golang
问题
查询 := "select p.project_id,p.name,p.org_id,p.user_id,p.email,p.status_ind,p.approver,p.favorite,p.create_timestamp,t.name as tagname,count(b.name) as total,t.colorCode from project p inner join tag t on p.project_id = t.project_id ";
q2 := " left join build b on p.project_id = b.project_id AND b.status_ind = \"created\" AND p.status_ind = :status group by p.project_id, t.colorCode "
//查询 := "select project.project_id,project.name,project.org_id,project.user_id,project.email,project.status_ind,project.approver,project.favorite,project.create_timestamp,tag.name AS tagname, tag.colorCode from project INNER JOIN tag on project.project_id = tag.project_id where status_ind=:status "
if q["name"] != "" {
查询 = 查询 + " AND p.name LIKE %:name "
}
查询+=q2
查询 += " ORDER BY create_timestamp DESC "
查询 += " LIMIT :limit;"
这里的name是一个参数,它是一个Golang变量,来自JSON请求。每当我访问API时,它会抛出一个无效的SQL错误。
英文:
query := "select p.project_id,p.name,p.org_id,p.user_id,p.email,p.status_ind,p.approver,p.favorite,p.create_timestamp,t.name as tagname,count(b.name) as total,t.colorCode from project p inner join tag t on p.project_id = t.project_id ";
q2 := " left join build b on p.project_id = b.project_id AND b.status_ind = \"created\" AND p.status_ind = :status group by p.project_id, t.colorCode "
//query := "select project.project_id,project.name,project.org_id,project.user_id,project.email,project.status_ind,project.approver,project.favorite,project.create_timestamp,tag.name AS tagname, tag.colorCode from project INNER JOIN tag on project.project_id = tag.project_id where status_ind=:status "
if q["name"] != "" {
query = query + " AND p.name LIKE %:name "
}
query+=q2
query += " ORDER BY create_timestamp DESC "
query += " LIMIT :limit;"
Here name is parameter which is a golang variable and comes from json request. It is throwing me an error of invalid sql whenever I hit the API.
答案1
得分: 2
关于SQL语法,有两个要注意的事项:
LIKE的参数必须是一个字符串。- 参数占位符不能位于SQL字符串定界符内部。
因此,你需要将LIKE的参数设置为一个由'%'和你的参数值拼接而成的字符串。
有两种方法可以实现这个目的。
第一种方法是使用CONCAT()函数将字面字符串'%'和你的参数拼接起来:
query := `
SELECT ...
FROM project p
INNER JOIN tag t ON p.project_id = t.project_id
LEFT JOIN build b ON p.project_id = b.project_id
AND b.status_ind = 'created'
AND p.status_ind = ?
AND p.name LIKE CONCAT('%', ?)
GROUP BY p.project_id, t.colorCode
ORDER BY create_timestamp DESC
LIMIT ?`
rows, err := db.Query(query, status, name, limit)
第二种方法是只使用参数占位符,并在Go代码中将字符串拼接后再传递给查询:
query := `
SELECT ...
FROM project p
INNER JOIN tag t ON p.project_id = t.project_id
LEFT JOIN build b ON p.project_id = b.project_id
AND b.status_ind = 'created'
AND p.status_ind = ?
AND p.name LIKE ?
GROUP BY p.project_id, t.colorCode
ORDER BY create_timestamp DESC
LIMIT ?`
namePattern := "%" + name
rows, err := db.Query(query, status, namePattern, limit)
上面的示例中,我使用了Go的反引号字符串,以便更容易地创建包含字面引号字符的多行字符串。这是我在Go中编写SQL查询的方式。
据我所知,MySQL只支持位置参数占位符,不支持命名参数占位符。
英文:
Two things to keep in mind about SQL syntax:
-
The argument to
LIKEmust be a string. -
Parameter placeholders must not be inside SQL string delimiters.
So you need to make the argument to LIKE be a concatenated string of '%' and the value of your parameter.
There are two ways to do this.
The first way is to use CONCAT() to concatenate the literal string '%' and your parameter:
query := `
SELECT ...
FROM project p
INNER JOIN tag t ON p.project_id = t.project_id
LEFT JOIN build b ON p.project_id = b.project_id
AND b.status_ind = 'created'
AND p.status_ind = ?
AND p.name LIKE CONCAT('%', ?)
GROUP BY p.project_id, t.colorCode
ORDER BY create_timestamp DESC
LIMIT ?`
rows, err := db.Query(query, status, name, limit)
The second way is to just use a parameter placeholder, and concatenate the string in Go code before passing it to the query.
query := `
SELECT ...
FROM project p
INNER JOIN tag t ON p.project_id = t.project_id
LEFT JOIN build b ON p.project_id = b.project_id
AND b.status_ind = 'created'
AND p.status_ind = ?
AND p.name LIKE ?
GROUP BY p.project_id, t.colorCode
ORDER BY create_timestamp DESC
LIMIT ?`
namePattern := "%" + name
rows, err := db.Query(query, status, namePattern, limit)
I show in the example above using Go back-tick strings to make it easier to make multi-line strings that may contain literal quote characters. This is the way I write SQL queries in Go.
As far as I know, MySQL only supports positional query parameter placeholders, not named query parameter placeholders.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论