Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Cannot use question mark as prepared statement placeholder?

See original GitHub issue

I am converting an existing project from MySQL to Postgres. There are quite a few raw SQL literals in the code that use ? as a placeholder, e.g.

  SELECT
    id
  FROM
    users
  WHERE
    name = ?

But I get this error:

DB query error: error: operator does not exist: character varying = ?

I don’t want to convert all my existing SQL from ? to postgres-style operators like $1. Is there some way of having node-postgres accept the question marks instead, or a utility that can convert to postgres style params?

Issue Analytics

State:
Created 7 years ago
Reactions:3
Comments:8 (4 by maintainers)

Top GitHub Comments

1reaction

charmandercommented, Apr 12, 2017

Whats the expected output?

'shouldn''t', if you’re escaping, but again: don’t. It’s a terrible idea. Use parameters. You don’t have to write them manually: https://gist.github.com/charmander/8f7b05f8d2b2e4e3c190c7a9e1bec1f2

Aside: a properly fair comparison would be:

query(`SELECT $1, $2, $3`, [1, 2, 3]);

I can easily see the latter scenario happening as part of crappy refactoring of the codebase.

Solution: don’t do that.

1reaction

charmandercommented, Apr 12, 2017

@gajus MySQL’s string escaping is non-standard and won’t work with PostgreSQL:

> console.log(SqlString.format("?", "shouldn't"));
'shouldn\'t'

The entire sqlstring approach is a bad one in the first place, though. Use real parameters, please.

Top Results From Across the Web

Prepared statements: Using unnamed and unnumbered ...

The problem with this syntax arises when I try to insert a large number of rows in one statement, for a 10,000 rows...

PDO::prepare - Manual - PHP

Both named and question mark parameter markers cannot be used within the same statement template; only one or the other parameter style.

Prepare a statement - IBM

First, if it is a SELECT statement, it cannot include the INTO variable clause. ... Only the PREPARE statement can specify question mark...

Prepared Statement Question Mark within WHERE LIKE '%?%'

When writing a prepared statement in a Base macro, I can't seem to replace the question mark within WHERE LIKE '%?%'.

PDO::prepare() - micmap.org

parameter markers for which real values will be substituted when the statement is executed. You cannot use both named and question mark parameter...

Troubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.

Start Free

Top Related Reddit Thread

No results found

Top Related Tweet

No results found

Top Related Dev.to Post

No results found

Cannot use question mark as prepared statement placeholder?

Issue Analytics

Top GitHub Comments

Top Results From Across the Web

Top Related Medium Post

Top Related StackOverflow Question

Troubleshoot Live Code

Top Related Reddit Thread

Top Related Hackernoon Post

Top Related Tweet

Top Related Dev.to Post

Top Related Hashnode Post

TypeError: Cannot read property 'name' of null

Querystring in connection string