Using Replacements With A Raw Sequelize Query: Avoiding Single Quotes?
This probably has a really easy answer but I'm not seeing it. I want to do a raw query using Sequelize: var sequelize = require('sequelize'); sequelize .query('LOAD DATA LOCAL I
Solution 1:
If you're sure that datasetName will never contain any possibility of SQL injections, you can directly insert the table name into the query, like so:
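// datasetName is concatenated because a replacement would be escaped as a
// quoted string; only the file path goes through :file.
sequelize
  .query("LOAD DATA LOCAL INFILE :file " +
         "INTO TABLE dataset_" + datasetName + " " +
         "FIELDS TERMINATED BY ',' ENCLOSED BY '\"' LINES TERMINATED BY '\n';",
    null,
    {raw: true}, {file: datasetPath})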
The comment posted by mwarren doesn't really work in this case - Sequelize is seeing that it is a string being inserted, and accordingly escapes it.
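One way to enforce the "if you're sure" condition from Solution 1 before concatenating, shown as an added example that is not part of the original answer. `buildLoadDataQuery`, `TABLE_SUFFIX` and the sample names and path are hypothetical; the 64-character limit is MySQL's maximum table-name length.

```javascript
// Added example: allowlist check for the table-name suffix that Solution 1
// concatenates into the SQL. All names below are hypothetical.
const TABLE_PREFIX = "dataset_";
const MYSQL_MAX_IDENTIFIER = 64; // MySQL limit for table names
// Letters, digits and underscore only: no quotes, backticks, spaces or dots.
const TABLE_SUFFIX = /^[A-Za-z0-9_]+$/;

function buildLoadDataQuery(datasetName, datasetPath) {
  if (typeof datasetName !== "string" || !TABLE_SUFFIX.test(datasetName)) {
    throw new Error("invalid dataset name");
  }
  if (TABLE_PREFIX.length + datasetName.length > MYSQL_MAX_IDENTIFIER) {
    throw new Error("dataset name too long");
  }
  if (typeof datasetPath !== "string" || datasetPath.length === 0) {
    throw new Error("invalid dataset path");
  }
  // Safe to quote with backticks: the allowlist cannot contain a backtick.
  const table = "`" + TABLE_PREFIX + datasetName + "`";
  const sql =
    "LOAD DATA LOCAL INFILE :file " +
    "INTO TABLE " + table + " " +
    "FIELDS TERMINATED BY ',' ENCLOSED BY '\"' " +
    "LINES TERMINATED BY '\n';";
  // The path stays a replacement, so Sequelize escapes it as a string value.
  return { sql, replacements: { file: datasetPath } };
}

// Constructed sample inputs: one valid name and three that must be rejected.
function demo() {
  const names = ["sales_2014", "sales; DROP TABLE x", "other_db.users", ""];
  return names.map((name) => {
    try {
      return [name, buildLoadDataQuery(name, "/tmp/sales.csv").sql];
    } catch (err) {
      return [name, "rejected: " + err.message];
    }
  });
}
```

Pass the returned `sql` and `replacements` to `sequelize.query` in the same positions as the call in the answer.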