Go Select 在使用 uuid 字符串列表
Go Select In using a list of uuid strings
我有一个要用于过滤查询的 uuid 字符串列表。如果我像这样遍历列表中的元素,我可以使查询工作:
for i, fileUID := range fileUIDs {
db.Exec("DELETE FROM files WHERE uid = ::uuid", fileUID)
}
但我想使用列表让它工作:
db.Exec("DELETE FROM files WHERE uid IN ::uuid[]", fileUIDs)
这可能吗?我似乎无法正常工作。
我尝试了 How to execute an IN lookup in SQL using Golang? 中的解决方案,但在使用 ? 时出现 pq: syntax error at or near "," 或在使用 ?:uuid 时出现 pq: syntax error at or near "::" 等错误。我使用了以下内容:
fileUIDArgs := make([]interface{}, len(fileUIDs))
for i, fileUID := range fileUIDs {
fileUIDArgs[i] = interface{}(fileUID)
}
//also tried using "?::uuid"
myPsql := "DELETE FROM files WHERE uid IN (" + "?" + strings.Repeat(",?", len(uidStrings)-1) + ")"
db.Exec(myPsql, fileUIDArgs...)
使用 fmt。确保您的 uuid 不包含任何 SQL-injection.
ary := []string{
"1442edc8-9e1f-4213-8622-5610cdd66790",
"0506ca17-d254-40b3-9ef0-bca6d15ad49d",
"e46f3708-6da5-4b82-9c92-f89394dffe5d",
"fb8bf848-73a2-4253-9fa3-e9d5e16ef94a",
"84691fa5-3391-4c02-9b16-82389331b7ac",
"adba3c9d-b4ab-4e62-a650-414970645be7",
}
query := fmt.Sprintf(`DELETE FROM files WHERE uid IN ('%s'::uuid);`,
strings.Join(ary, "'::uuid,'"))
db.Exec(query) // etc
消除潜在的SQL-注射:
ary := []string{ /* list of uuids */ }
query := `DELETE FROM files WHERE uid IN (`
aryInterfaces := make([]interface{}, len(ary))
for i, v := range ary {
query += "$" + strconv.FormatInt(int64(i+1), 10)
if i < len(ary)-1 {
query += ","
}
aryInterfaces[i] = v
}
query += ")"
db.Exec(query, aryInterface...)
奖金
Postgresql 使用 , , 等而不是 ?, ?, ?。这里有一点 helper function and here 是它的概念证明。
这是一个老问题,但为了那些将被引导到这里的人,如果你使用的是 postgres db,你可以使用这种更简单的方法:
DELETE FROM files WHERE uid=ANY();
</code> 是一个 uuid 数组。所以你的查询变成:</p>
<pre><code>toBeDeleted:= []uuid.UUID{....}
_, err = tx.Exec("UDELETE FROM files WHERE uid=ANY();",toBeDeleted)
//or
_, err = tx.Exec("UDELETE FROM files WHERE uid=ANY();",pq.Array(toBeDeleted))
两者都适合你。
我有一个要用于过滤查询的 uuid 字符串列表。如果我像这样遍历列表中的元素,我可以使查询工作:
for i, fileUID := range fileUIDs {
db.Exec("DELETE FROM files WHERE uid = ::uuid", fileUID)
}
但我想使用列表让它工作:
db.Exec("DELETE FROM files WHERE uid IN ::uuid[]", fileUIDs)
这可能吗?我似乎无法正常工作。
我尝试了 How to execute an IN lookup in SQL using Golang? 中的解决方案,但在使用 ? 时出现 pq: syntax error at or near "," 或在使用 ?:uuid 时出现 pq: syntax error at or near "::" 等错误。我使用了以下内容:
fileUIDArgs := make([]interface{}, len(fileUIDs))
for i, fileUID := range fileUIDs {
fileUIDArgs[i] = interface{}(fileUID)
}
//also tried using "?::uuid"
myPsql := "DELETE FROM files WHERE uid IN (" + "?" + strings.Repeat(",?", len(uidStrings)-1) + ")"
db.Exec(myPsql, fileUIDArgs...)
使用 fmt。确保您的 uuid 不包含任何 SQL-injection.
ary := []string{
"1442edc8-9e1f-4213-8622-5610cdd66790",
"0506ca17-d254-40b3-9ef0-bca6d15ad49d",
"e46f3708-6da5-4b82-9c92-f89394dffe5d",
"fb8bf848-73a2-4253-9fa3-e9d5e16ef94a",
"84691fa5-3391-4c02-9b16-82389331b7ac",
"adba3c9d-b4ab-4e62-a650-414970645be7",
}
query := fmt.Sprintf(`DELETE FROM files WHERE uid IN ('%s'::uuid);`,
strings.Join(ary, "'::uuid,'"))
db.Exec(query) // etc
消除潜在的SQL-注射:
ary := []string{ /* list of uuids */ }
query := `DELETE FROM files WHERE uid IN (`
aryInterfaces := make([]interface{}, len(ary))
for i, v := range ary {
query += "$" + strconv.FormatInt(int64(i+1), 10)
if i < len(ary)-1 {
query += ","
}
aryInterfaces[i] = v
}
query += ")"
db.Exec(query, aryInterface...)
奖金
Postgresql 使用 , , 等而不是 ?, ?, ?。这里有一点 helper function and here 是它的概念证明。
这是一个老问题,但为了那些将被引导到这里的人,如果你使用的是 postgres db,你可以使用这种更简单的方法:
DELETE FROM files WHERE uid=ANY();
</code> 是一个 uuid 数组。所以你的查询变成:</p>
<pre><code>toBeDeleted:= []uuid.UUID{....}
_, err = tx.Exec("UDELETE FROM files WHERE uid=ANY();",toBeDeleted)
//or
_, err = tx.Exec("UDELETE FROM files WHERE uid=ANY();",pq.Array(toBeDeleted))
两者都适合你。