You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Quick suggestion to hear the community's thoughts before opening a PR:
I recently noticed that if one would use .Where() and pass it multiple OR clauses, say, without using proper sq.Or,
the statement would not be parenthesized:
sql, _, _ := sq.Select("*").
From("table").
Where("a = ?", 1).
Where("b = ? OR c = ?", 1, 2, 3).
ToSql()
println(sql)
---
SELECT * FROM table WHERE a = ? AND b = ? OR c = ?
This is unlike some other query builders, for instance in gorm, the same usage is parenthesized:
db, _ := gorm.Open("postgres", "...")
expr := db.Select("*").
Table("table").
Where("a = ?", 1).
Where("b = ? OR c = ?", 2, 3).
QueryExpr()
field := reflect.ValueOf(expr).Elem().FieldByName("expr")
fieldPtr := unsafe.Pointer(field.UnsafeAddr())
fieldRef := reflect.NewAt(field.Type(), fieldPtr)
println(fieldRef.Elem().Interface().(string))
---
SELECT * FROM "table" WHERE (a = ?) AND (b = ? OR c = ?)
Even though sq providers a proper Or primitive, the above can still be mistakenly used, which could lead to insidious bugs where the latter part of the OR statement overrides predicates before it.
I was wondering if, maybe via an opt-in flag to be backwards compatible, it would make sense to auto-parenthesize statements inside Where() - it could be done for all statements, or only for those that contains "OR" statements.
Let me know the sentiment if this is something we're willing to push, and I'll open a PR.
The text was updated successfully, but these errors were encountered:
Greets !
Quick suggestion to hear the community's thoughts before opening a PR:
I recently noticed that if one would use
.Where()and pass it multiple OR clauses, say, without using propersq.Or,the statement would not be parenthesized:
This is unlike some other query builders, for instance in gorm, the same usage is parenthesized:
Even though sq providers a proper
Orprimitive, the above can still be mistakenly used, which could lead to insidious bugs where the latter part of the OR statement overrides predicates before it.I was wondering if, maybe via an opt-in flag to be backwards compatible, it would make sense to auto-parenthesize statements inside Where() - it could be done for all statements, or only for those that contains "OR" statements.
Let me know the sentiment if this is something we're willing to push, and I'll open a PR.
The text was updated successfully, but these errors were encountered: