问题描述
我尝试使用Typeform和getManager()。query()从服务器发出sql请求,并使用sql传递给查询字符串。
- MysqLWorkbench屏幕快照https://prnt.sc/uad3tu中的工作示例和代码片段。如果我将其复制并粘贴到代码中,则效果很好
SELECT `Event`.*,`Repeats`.`start_event_at`,`Repeats`.`end_event_at`
FROM `events` `Event`
LEFT JOIN `event_repeats` `Repeats` on `Repeats`.`eventId` = `Event`.`id`
WHERE `Event`.`category` = 'fitness'
AND `Repeats`.`end_event_at` >= '2020-09-02T14:59:00.000Z'
- 但是,如果我在插值字符串中使用变量,则会引发错误,请截图https://prnt.sc/uad5zy和
SELECT `Event`.*,`Repeats`.`end_event_at`
FROM `events` `Event`
LEFT JOIN `event_repeats` `Repeats` on `Repeats`.`eventId` = `Event`.`id`
WHERE `Event`.`category` = ${category}
AND `Repeats`.`end_event_at` >= '2020-09-02T14:59:00.000Z'
我做错了什么以及如何处理?
解决方法
使用查询方法时,请使用基础的driver escaping mechanism。对于mysql:
await getEntityManager().query('SELECT * FROM tbl_1 WHERE category = ?',[ 'fitness' ])
最终代码如下:
async getAllEvents(search_options: any,end_at,offFilters): Promise<Event[]> {
const { isOnline,isMobility,impairment,category } = search_options;
let events = null;
if (offFilters) {
events = await getManager().query(
' SELECT Event.*,Repeats.start_event_at,Repeats.end_event_at ' +
' FROM events Event ' +
' LEFT JOIN event_repeats Repeats ON Repeats.eventId = Event.id ' +
' WHERE Event.category = ? ' +
' AND Repeats.end_event_at >= ?',[category,end_at])
} else {
const online = isOnline ? 1 : 0
const mobility = isMobility ? 1 : 0
events = await getManager().query(
' SELECT Event.*,Repeats.end_event_at ' +
' FROM events Event ' +
' LEFT JOIN event_repeats Repeats ON Repeats.eventId = Event.id ' +
' WHERE Event.category = ? ' +
' AND Event.isOnline = ? ' +
' AND Event.isMobility = ? ' +
' AND Event.impairment = ? ' +
' AND Repeats.end_event_at >= ?',online,mobility,end_at])
}
return events
}