builder icon indicating copy to clipboard operation
builder copied to clipboard

verified publisher icon go-xorm

Metadata

Lightweight and fast SQL builder for Go language, moved to https://gitea.com/xorm/builder

Results 6 builder issues
Sort by recently updated
recently updated
newest added

ToBoundSQL函数 不能过滤参数防止SQL注入吗?

6 comment

代码: name := "cat;sleep(1)" build := builder.MySQL() sql, err := build.Select("*").From(table).Where(builder.Cond(builder.Eq{"name": name})).ToBoundSQL() 生成的sql语句是:SELECT * FROM t_tmp_info WHERE name='cat;sleep(1)' 并没有将sleep(1)过滤掉

xuyuri avatar xuyuri

security

WIP feature replacement

- [x] Mysql - [ ] Oracle - [ ] Postgre - [ ] Sqlite - [ ] Mssql

BetaCat0 avatar BetaCat0

feature

MsSQL Limits

Not entirely sure how the previous implementation was supposed to work. With SQL Server 2008 there is support for [OFFSET and FETCH clauses](https://docs.microsoft.com/en-us/sql/t-sql/queries/select-order-by-clause-transact-sql?view=sql-server-2017#using-offset-and-fetch-to-limit-the-rows-returned).

n1xx1 avatar n1xx1

How to use Mysql's "regexp" or postgresql's "~*" ?

1 comment

mysql: select * from user where name regexp '^tom'; postgresql: select * from user where name ~* '^[a-h]'

walnut-tom avatar walnut-tom

question

Cond interface needs iterator

Cond interface needs iterator to edit the conditions. Suppose ID=10 is already given. If in some cases, we might change the ID=15. But Now we have to create new condition.

kumarsiva07 avatar kumarsiva07

proposed

Struct to sql query for create table

Struct to sql query for create table and drop table

kumarsiva07 avatar kumarsiva07

feature

Metadata

155
Stars
38
Forks
Watchers

Owner

verified publisher icon go-xorm

Metadata

Lightweight and fast SQL builder for Go language, moved to https://gitea.com/xorm/builder

Back