Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

.set(...) with a string parameter #243

Open
ProGM opened this issue Dec 21, 2015 · 2 comments
Open

.set(...) with a string parameter #243

ProGM opened this issue Dec 21, 2015 · 2 comments

Comments

@ProGM
Copy link
Member

ProGM commented Dec 21, 2015

I noticed that it's possible to do:

query.where('q.name = ?', 'something')

But not:

query.set('q.name = ?', 'something')

It could be useful in this case:

query.set('q.score = COALESCE(q.score, 0) * ?', 5)
@cheerfulstoic
Copy link
Contributor

Yeah, I could definitely see that. For now if you want to protect against injection you can use params:

query.set('q.score = COALESCE(q.score, 0) * {score_multiplier}').params(score_multiplier: 5}

More awkward, I know

@ProGM
Copy link
Member Author

ProGM commented Dec 22, 2015

Uhm, at least you should improve the documentation for it, I think!

But it does the trick, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cheerfulstoic @ProGM