Nathan Bruer edited this page Oct 10, 2015 · 1 revision

Variables

Variables are written as @ (at sign) followed by numbers and/or characters (the name must start with a character). The developer assigns values to the variables, and the library auto-escapes each value and adjusts the output to the variable's data type. This is a very safe way to inject unsafe data into a database query.

Examples

JS:

```js
// order_id is supplied as a number
PQL.getSQL({
  query: 'id:@order_id',
  table: 'order',
  variables: {
    order_id: 5,
  },
});
```

Result:

```sql
SELECT
	*
FROM "orders"
WHERE
	"orders"."id" = 5
GROUP BY
	"orders"."id"
```

JS:

```js
// @unknown_var has no entry in variables
PQL.getSQL({
  query: 'id:@unknown_var',
  table: 'order',
  variables: {
    order_id: 5,
  },
});
```

Result:

```sql
SELECT
	*
FROM "orders"
WHERE
	"orders"."id" IS NULL
GROUP BY
	"orders"."id"
```

JS:

```js
// The value contains a double quote, a backslash, a single quote, a NUL byte and a newline
PQL.getSQL({
  query: 'id:@order_id',
  table: 'order',
  variables: {
    order_id: 'Uns\"afe\\"D\'At\0a\n',
  },
});
```

Result:

```sql
SELECT
	*
FROM "orders"
WHERE
	"orders"."id" = 'Uns"afe\\"D\'At\0a\n'
GROUP BY
	"orders"."id"
```
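The three results above follow from a small set of rules, sketched here as an added illustration that is not PQL's own code. The function names, the underscore allowed in variable names, and the rejection of non-string, non-number values are assumptions; only the four escapes visible in the third result are implemented.

```javascript
// Added illustration: hypothetical helpers reproducing the page's outputs, not PQL internals.
// Variable names must start with a letter (underscore allowed is an assumption from "order_id").
const VAR_NAME = /^@([A-Za-z][A-Za-z0-9_]*)$/;

// Escapes visible in the third result on the page: backslash, single quote, NUL, newline.
const ESCAPES = { '\\': '\\\\', "'": "\\'", '\0': '\\0', '\n': '\\n' };

// Render a JS value as a SQL literal according to its data type.
function toSqlLiteral(value) {
  if (value === undefined || value === null) return 'NULL';
  if (typeof value === 'number') {
    if (!Number.isFinite(value)) throw new TypeError('non-finite number');
    return String(value); // numbers are emitted bare, as in the first example
  }
  if (typeof value === 'string') {
    return "'" + value.replace(/[\0\n\\']/g, (c) => ESCAPES[c]) + "'";
  }
  // Assumption: anything else is refused rather than stringified implicitly.
  throw new TypeError('unsupported variable type: ' + typeof value);
}

// Build the WHERE condition for one "column:@variable" pair.
function condition(column, token, variables) {
  const m = VAR_NAME.exec(token);
  if (!m) throw new SyntaxError('invalid variable reference: ' + token);
  // Own-property check so inherited keys such as "constructor" count as unknown.
  const known = Object.prototype.hasOwnProperty.call(variables, m[1]);
  const literal = toSqlLiteral(known ? variables[m[1]] : undefined);
  // An unknown variable becomes IS NULL, as in the second example.
  return literal === 'NULL' ? `${column} IS NULL` : `${column} = ${literal}`;
}

const col = '"orders"."id"';
console.log(condition(col, '@order_id', { order_id: 5 }));
console.log(condition(col, '@unknown_var', { order_id: 5 }));
console.log(condition(col, '@order_id', { order_id: 'Uns\"afe\\"D\'At\0a\n' }));
```

Backslash escaping of this kind is only a sound quoting scheme on a server that treats the backslash as an escape character inside string literals.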