Skip to content

sprintf-style postgres query escaping and helper functions

Notifications You must be signed in to change notification settings

maybephilipp/pg-escape

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

pg-escape

Sprintf-style postgres query formatting and escape helper functions.

Installation

$ npm install pg-escape

Example

var sql = escape('INSERT INTO %I VALUES(%L)', 'books', "O'Reilly");
console.log(sql);

yields:

INSERT INTO books VALUES('O''Reilly')

API

escape(fmt, ...)

Format the given arguments.

escape.string(val)

Format as a simple string.

escape.dollarQuotedString(val)

Format as a dollar quoted string

escape.ident(val)

Format as an identifier.

escape.literal(val)

Format as a literal.

Formats

  • %s formats the argument value as a simple string. A null value is treated as an empty string.
  • %Q formats the argument value as a dollar quoted string. A null value is treated as an empty string.
  • %I treats the argument value as an SQL identifier, double-quoting it if necessary. It is an error for the value to be null.
  • %L quotes the argument value as an SQL literal. A null value is displayed as the string NULL, without quotes.
  • %% In addition to the format specifiers described above, the special sequence %% may be used to output a literal % character.

License

MIT

About

sprintf-style postgres query escaping and helper functions

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 98.5%
  • Makefile 1.5%