"Error: Incorrect arguments to mysqld_stmt_execute" when a comment includes a parameter
Description
When any SQL query includes a command containing the syntax for a parameter and is passed to the execute function, the library gives an SQL error. I would expect the SQL parser in the library to properly identify that it is inside a command expression and handle the situation gracefully.
Reproducing:
Run the following code:
import mysql from 'mysql2';
const pool = mysql.createPool(....);
const db = await pool.promise();
const sql = `
  SELECT
    -- The following code returns the value of the :input parameter as a single row
    :input as input
  FROM
    DUAL
`;
const params = {
  input: 1234,
};
const [resultSet] = await db.execute(sql, params);
Expected
I get a result set back which contains [ { input: 1234 } ]
Actual:
I receive the following error
Error: Incorrect arguments to mysqld_stmt_execute
at PromisePoolConnection.execute (<hidden>/node_modules/mysql2/promise.js:110:22) {
code: 'ER_WRONG_ARGUMENTS',
errno: 1210,
sqlState: 'HY000',
sqlMessage: 'Incorrect arguments to mysqld_stmt_execute'
}
Use case
In my use case, I get complex queries from third parties, which sometimes include comments using --, or /* */ or //. The MySQL2 library just refuses to run the queries with comments containing parameter strings with the above error, needing me to use workarounds.
Current workaround
For every SQL query that I get from my third party, I have to inspect every comment and add a space after : if text follows this symbol. Missing any means I get a production crash.
Issue Analytics
- State:
- Created 2 years ago
- Comments:14 (10 by maintainers)
Here’s a quick and easy workaround in the meantime. It only filters out comments that start -- with a trailing space. If you need support for // or /* ... */ style comments, you could look into a broader regex and/or parser. If you need it across your code base, make it into a reusable function.

EDIT: After reading about the format of mysql comments, my code should be updated where -- and # are treated as inline comments (as opposed to starting the line) and /* ... */ is treated both as inline and multiline comments. The OP even mentioned comments using // inline style comments too. I didn’t find any good regex or parser that contains the total of the comment styles but my workaround would alleviate the parameter issue leaving the code in a better forward state if the mysql comment parser was updated in the future. Obviously, I’d write some unit tests around the logic to remove mysql comments.

@ruiquelhas I was thinking per-execute if I understand your question correctly
connection.execute('select ? as test', [PreparedStatementParameter(VARCHAR, new Date())])
would send date parameter as string
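
The comment-stripping workaround discussed in the thread, written as an added example (not code from the thread or from mysql2): a small scanner that removes `#`, `-- ` and `/* ... */` comments before the query reaches `execute`, while leaving string literals, backtick identifiers, and `/*! ... */` and `/*+ ... */` blocks untouched. The name `stripMysqlComments` and the sample query are assumptions; `//` is not stripped because MySQL itself does not treat it as a comment.

```javascript
// Added example; stripMysqlComments is a hypothetical helper, not part of mysql2.
function stripMysqlComments(sql) {
  let out = '';
  let i = 0;
  const n = sql.length;
  while (i < n) {
    const c = sql[i];
    const next = sql[i + 1];
    // Copy quoted strings and backtick identifiers verbatim, so comment
    // markers and ":name" text inside them are left alone.
    if (c === "'" || c === '"' || c === '`') {
      let j = i + 1;
      while (j < n) {
        if (sql[j] === '\\' && c !== '`') { j += 2; continue; }
        if (sql[j] === c) {
          if (sql[j + 1] !== c) break;
          j++; // doubled quote is an escaped quote, skip the pair
        }
        j++;
      }
      out += sql.slice(i, j + 1);
      i = j + 1;
      continue;
    }
    // "#" and "--" followed by whitespace (or end of input) run to end of line.
    const dashComment = c === '-' && next === '-' &&
      (i + 2 >= n || /\s/.test(sql[i + 2]));
    if (c === '#' || dashComment) {
      while (i < n && sql[i] !== '\n') i++;
      continue; // the newline is copied by the next iteration
    }
    // Block comments: "/*!" and "/*+" carry executable SQL or optimizer hints, keep them.
    if (c === '/' && next === '*') {
      const end = sql.indexOf('*/', i + 2);
      const stop = end === -1 ? n : end + 2;
      out += (sql[i + 2] === '!' || sql[i + 2] === '+') ? sql.slice(i, stop) : ' ';
      i = stop;
      continue;
    }
    out += c;
    i++;
  }
  return out;
}

// Constructed sample modelled on the query in the report.
const sample = "SELECT\n-- value of the :input parameter\n:input AS input, '-- :kept' AS s /* :gone */\nFROM DUAL";
console.log(stripMysqlComments(sample));
```

Stripping changes only the text handed to the driver; the parameter values still travel separately through the prepared statement, so this does not replace parameter binding.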