Open source enthusiast.
- Creator of Linguist - a browser extension for privacy focused translation (FOSS)
- Author of blog about programming
- 1 Post
- 1 Comment
Joined 2 years ago
Cake day: August 19th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
When you use query builder, you write a raw SQL code.
The benifit is you can insert user input right in string, and your query remain secure against injections. Additionally, a Nano Queries let you compose queries, and extend it, so you may build complex queries simply.
Let’s say you develop a site to search something by its features, for example a movies. Your SQL query may easy takes 100-500 lines. Some part of this query will be a basic, some will be optional depends on provided filters.
With a query builder you may conditionally extend your query like that
if (userInput.rating > 0) { filter.and(sql`rating >= ${userInput.rating}`); }That’s all Query Builder does. It let you avoid to write code like that
const values = []; const getPlaceholder = (value) => { values.push(value); return `$${values.length}`; }; const where = []; if (year) { where.push(`release_year = ${getPlaceholder(year)}`); } if (rating) { where.push(`rating >= ${getPlaceholder(rating)}`); } db.query( `SELECT title FROM movies ${where.length ? 'WHERE ' + where.join(' AND ') : ''} LIMIT 100`, values, );