DEV Community

Discussion on: What is SQL injection and how do I avoid it in Go?

Tamás Gulácsi

Please at least mention argument placeholders!
See golang.org/pkg/database/sql/#db.Query; it's in the Examples!

database/sql doesn't even escape those args, it just hands them to the underlying driver, which sends them to the database separately (at least for Oracle, which I'm quite sure of, as I'm the maintainer of the rana/ora driver).

Jon Calhoun

This post was originally written in the context of Postgres, and as I understand it each driver defines its own set of argument placeholders (see github.com/golang/go/issues/3602), which is why this post only really covers $1.

I'll see if I can tweak the post to make it clearer that we are referring to Postgres here and that other drivers use different placeholders.

Tamás Gulácsi

Sorry, I can't find the word "placeholder" in the article. That's my concern, not Postgres or whatever.

Jon Calhoun • Edited

I just realized I didn't show an example of using placeholders in this article. My original draft did so; I'm not sure how it got dropped. That is why I mentioned $1 in the comment. I'll update this shortly with more context, and thanks for pointing it out!

Edit: Done. Is that clearer now?