node-postgres how to escape parameters?
I know about parameterized query, but since I have to programmatically construct the where condition, taking count of the parameters and building the parameters array is a task much more complex than simply calling an escape function when required. So:
is there a parameters escape function in node-postgres?
Yes, since this PR there are
client.escapeLiteral (sadly still undocumented). However, it is not recommended to use them when you can use parameterised queries, and for dynamic
WHERE condition you can easily construct a query object with
values on the fly.
Answered By – Bergi