clickhouse-rs icon indicating copy to clipboard operation
clickhouse-rs copied to clipboard

Published 20 hours ago verified publisher icon suharev7

Feature Request: Query with Parameters

Open mitsuhiko opened this issue 2 years ago • 3 comments

The library currently does not support sending a query with parameters out of band (eg: to avoid sql injections). It would be nice to have a way to send a query and the provide the parameters separately. Eg:

let query = Query::new("select * from foo where x = ?").add_param("whatever").build();

mitsuhiko avatar Aug 10 '21 10:08 mitsuhiko

@suharev7 @mitsuhiko maybe https://docs.rs/postgres-protocol/0.6.4/postgres_protocol/escape/fn.escape_literal.html can be used to implement this?

petar-dambovaliev avatar Jun 03 '22 10:06 petar-dambovaliev

That seems like the wrong way to accomplish that.

mitsuhiko avatar Jun 05 '22 06:06 mitsuhiko

@mitsuhiko Maybe https://docs.rs/sqlparser/latest/sqlparser/ would fit better? It supports ClickHouse dialect. We use it exactly for mentioned purpose.

karpovr avatar Jun 06 '22 08:06 karpovr