planetscale/database-js

Support for client side parameter interpolation

mattrobenolt opened this issue · 0 comments

It'd be expected to support a syntax like:

client.execute("select * from foo where id = ?", [1])

Where they can safely pass a list of parameters into their query instead of needing to do their own escaping or using prepared statements. This is a common pattern across drivers to allow client side interpolation, and in our case, this would be highly preferred over preparing statements.

For JavaScript, we came across sqlstring, which supports the same API as well as some other goodies. We should leverage this automatically internally. If parameters are passed, run it through SqlString.format(...).

It's worth noting that SqlString comes from the mysqljs ecosystem, and is used within the mysqljs/mysql driver.
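
What client-side interpolation of `?` placeholders has to do, as an added example (not code from this issue, database-js or sqlstring). `escapeValue` and `interpolate` are hypothetical names, and the escaping assumes MySQL's default backslash-escape mode on a UTF-8 connection.

```javascript
// Added example: client-side interpolation for MySQL-style `?` placeholders.
// Assumption: server runs with backslash escapes enabled (no NO_BACKSLASH_ESCAPES).
const ESCAPES = {
  '\0': '\\0', '\b': '\\b', '\t': '\\t', '\n': '\\n', '\r': '\\r',
  '\x1a': '\\Z', '"': '\\"', "'": "\\'", '\\': '\\\\',
};

// Render one JavaScript value as a SQL literal.
function escapeValue(value) {
  if (value === null || value === undefined) return 'NULL';
  switch (typeof value) {
    case 'boolean': return value ? 'true' : 'false';
    case 'bigint': return value.toString();
    case 'number':
      if (!Number.isFinite(value)) throw new TypeError('non-finite number');
      return String(value);
    case 'string':
      return "'" + value.replace(/[\0\b\t\n\r\x1a"'\\]/g, (c) => ESCAPES[c]) + "'";
    default:
      // Reject objects and arrays rather than guess at a SQL rendering;
      // this keeps JSON-decoded request bodies from changing query shape.
      throw new TypeError(`unsupported parameter type: ${typeof value}`);
  }
}

// Replace each `?` in a single pass, so a `?` inside an already escaped
// value is never treated as a placeholder. Like most formatters of this
// kind, it does not parse SQL: a literal `?` in the query text counts too.
function interpolate(sql, params = []) {
  let i = 0;
  const out = sql.replace(/\?/g, () => {
    if (i >= params.length) throw new Error('too few parameters');
    return escapeValue(params[i++]);
  });
  if (i !== params.length) throw new Error('too many parameters');
  return out;
}

// Constructed sample inputs.
console.log(interpolate('select * from foo where id = ?', [1]));
console.log(interpolate('select * from foo where name = ?', ["x' OR '1'='1"]));
```

The placeholder-count checks turn a mismatched parameter list into an error instead of a query with a stray `?` or a silently dropped value.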