英文:
Dynamically pass the SQL parameter in Go
问题
我有以下的Go程序,它可以动态地传递一个参数。根据我的需求,我事先不知道参数名和参数值。我可能需要以动态的方式传递1...n个参数和对应的值到查询中。我该如何实现这个功能?
import ("database/sql""fmt")func main() {// 打开与数据库的连接db, err := sql.Open("mysql", "user:password@tcp(host:port)/database")if err != nil {panic(err)}defer db.Close()// 准备带有参数占位符的SQL语句stmt, err := db.Prepare("SELECT * FROM mytable WHERE mycolumn = ?")if err != nil {panic(err)}defer stmt.Close()// 使用参数值执行SQL语句rows, err := stmt.Query("myvalue")if err != nil {panic(err)}defer rows.Close()// 遍历结果集for rows.Next() {var id intvar name stringerr := rows.Scan(&id, &name)if err != nil {panic(err)}fmt.Println(id, name)}if err = rows.Err(); err != nil {panic(err)}}
你可以使用stmt.Query方法来执行带有参数的SQL语句。在stmt.Query方法中,你可以传递参数的值作为参数。在循环中,你可以使用rows.Scan方法来获取每一行的结果。
英文:
I have the below Go program, which works fine for dynamically passing only one parameter. In my requirement, I will not know the parameter name and parameter value in advance. I may need to pass 1...n parameter to the query and values as dynamic manner. How can I achieve the same?
import ("database/sql""fmt")func main() {// Open a connection to the databasedb, err := sql.Open("mysql", "user:password@tcp(host:port)/database")if err != nil {panic(err)}defer db.Close()// Prepare the SQL statement with placeholders for the parametersstmt, err := db.Prepare("SELECT * FROM mytable WHERE mycolumn = ?")if err != nil {panic(err)}defer stmt.Close()// Execute the SQL statement with the parameter valuesrows, err := stmt.Query("myvalue")if err != nil {panic(err)}defer rows.Close()// Iterate over the result setfor rows.Next() {var id intvar name stringerr := rows.Scan(&id, &name)if err != nil {panic(err)}fmt.Println(id, name)}if err = rows.Err(); err != nil {panic(err)}}
答案1
得分: 2
最简单的方法是使用Squirrel。你可以像他们的readME.md中给出的示例那样添加条件查询。
if len(q) > 0 {users = users.Where("name LIKE ?", fmt.Sprint("%", q, "%"))}
英文:
The easiest way would be using Squirrel.
You can add conditional queries like in the example given in their readME.md.
> if len(q) > 0 {
> users = users.Where("name LIKE ?", fmt.Sprint("%", q, "%"))
> }
答案2
得分: 1
我对Go了解甚少(我在这里是因为我了解SQL Server),但我可以找到文档,并看到以下内容:
> Query使用给定的参数执行准备好的查询语句
使用复数的"参数"而不是"参数",再加上我在其他环境中使用?占位符的经验,告诉我你可以将多个参数传递给Query(),它们将被解释为位置参数:
stmt.Query("myvalue1", "myvalue2",.... "myvaluen")
其中,myvalue1与SQL命令字符串中的第一个准备好的?占位符匹配,myvalue2与第二个占位符匹配,依此类推。
我想你已经知道这一点,但为了完整起见,我需要补充一点:不要使用字符串操作将这些值包含在SQL命令中。
英文:
I know very little about Go (I'm here because I do know SQL Server), but I can find the documentation, and see this:
> Query executes a prepared query statement with the given arguments
The use of the plural "arguments", instead of "argument", plus my experience using the ? placeholder in other environments, tells me you can pass multiple arguments to Query() and they will be interpreted as positional parameters:
stmt.Query("myvalue1", "myvalue2",.... "myvaluen")
Where myvalue1 matches to the first prepared ? placeholder in the SQL command string, myvalue2 matches to the second, and so on.
I think you know this, but for completeness I need to add: do NOT use string manipulation to include these values in the SQL command.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论