
How to escape it properly?

I have an SQL string written with template string syntax:

const sql = `select * from tbl_name where smth=$1 and name like '%$2%'`;

const data = await execute(sql, [something, someName]);

I have problems with binding the second param – $2 – because of the single quote. How should I write it properly?

Error: Error: Query failed: bind message supplies 2 parameters, but prepared statement "" requires 1


Answer

I think you’re supposed to use wildcards this way:

const sql = `select * from tbl_name where smth=$1 and name like $2`;
const data = await execute(sql, [something, `%${someName}%`]);
User contributions licensed under: CC BY-SA
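
An added example, not part of the original question or answer: it shows why the server reports "requires 1" when `$2` sits inside a quoted literal, and builds the bound pattern so that `%`, `_` and `\` typed by a user match literally instead of acting as LIKE wildcards. The helper names `countPlaceholders`, `likeContains` and `buildQuery` are hypothetical, and the `escape '\'` clause assumes PostgreSQL's default `standard_conforming_strings = on`.

```javascript
// Added example; helper names are hypothetical, not part of any driver API.

// Highest $n that PostgreSQL would treat as a parameter, i.e. one that
// appears outside a single-quoted string literal. Simplified scanner:
// it ignores comments, dollar-quoted strings and E'' literals.
function countPlaceholders(sql) {
  let highest = 0;
  let inString = false;
  for (let i = 0; i < sql.length; i++) {
    const ch = sql[i];
    if (ch === "'") {
      // '' inside a literal is an escaped quote, not the end of the literal
      if (inString && sql[i + 1] === "'") { i++; continue; }
      inString = !inString;
    } else if (!inString && ch === "$") {
      const m = /^\d+/.exec(sql.slice(i + 1));
      if (m) {
        highest = Math.max(highest, Number(m[0]));
        i += m[0].length;
      }
    }
  }
  return highest;
}

// Escape LIKE metacharacters in user input, then wrap it in wildcards.
// The wildcards live in the bound value, never in the SQL text.
function likeContains(term) {
  return "%" + String(term).replace(/[\\%_]/g, "\\$&") + "%";
}

// Query text plus values, in the shape the page's execute(sql, params) takes.
function buildQuery(something, someName) {
  return {
    text: "select * from tbl_name where smth = $1 and name like $2 escape '\\'",
    values: [something, likeContains(someName)],
  };
}

// Constructed sample input
const q = buildQuery(42, "50%_off");
console.log(countPlaceholders("... where smth=$1 and name like '%$2%'")); // 1
console.log(countPlaceholders(q.text)); // 2
console.log(q.values[1]); // %50\%\_off%
```
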