Building query for ORDER BY ? DESC/ASC doesn't seem to use the values #2726
-
let extraClause = "";
if (extraFilters) {
if (extraFilters.sorted) {
if (extraFilters.sortOrder === "DESC") {
extraClause += ' ORDER BY ? DESC';
} else {
extraClause += ' ORDER BY ? ASC';
}
whereValues.push(extraFilters.sorted);
}
}
const query = 'SELECT p.*, GROUP_CONCAT(i.image_path SEPARATOR \',\') AS image_paths FROM post p LEFT JOIN Image i ON p.post_id = i.post_id' + (whereClause ? ' WHERE ' + whereClause : '') + ' GROUP BY p.post_id ' + (extraClause ? extraClause : ''); Value + Query
It only works when it look like this:
It doesn't work with preparing the statement beforehand. I feel like that they add DESC as a string and then mysql doesn't recognizes it. The SQL is correct in any way, but it doesn't filter. Executing the statement like this:
|
Beta Was this translation helpful? Give feedback.
Replies: 3 comments 3 replies
-
hi @k3rne1pan1c , what do you mean by "doesn't work"? Do you get error response from myqsl server? a local error? Can you also post actual query and parameters after all conditions? Overall I feel your question is not specific to mysq2 library |
Beta Was this translation helpful? Give feedback.
-
Keep an eye on the
Using prepared statement and entering the value So what is the right way to put the order value in that array? Then this query is run by mysql2, which is wrong:
Either 'created_at' needs to be without quotes or ``, but you can't use them since, TS formes them into normal quotes. If you need any other information, please let me know, what else I can do. |
Beta Was this translation helpful? Give feedback.
-
I have the following error when using the field alias in ODER BY Unknown column 'val_entrada' in 'order clause'". It works in MySQLWorkbech. I use version 8. Can someone help me? |
Beta Was this translation helpful? Give feedback.
you might want to use
escapeId
here - https://github.com/mysqljs/mysql?tab=readme-ov-file#escaping-query-identifiersNote that you can't have this as a parameter in a real prepared statement (
.query
is a client side query building, not a real server side parametrized statement )