In Sequelize, I can use
my_table.findAll({ order: [['datetime', 'desc']] })
to query data and order by a column. But when I try to use a parameterized raw query like:
var input_parameters = {order_column: 'datetime', order: 'desc'};
sequelize.query('select * from my_table order by :order_column :order', { replacements: input_parameters, type: models.sequelize.QueryTypes.SELECT });
It can't return the correct order because the order info asc/desc is escaped in the query; the final prepared query looks like 'select * from my_table order by 'datetime' 'desc''.
Is there a way to pass order info to a raw parameterized query?
This might not be the sequelize way, but...what if:
let order_column = 'something';
let order = 'DESC';
sequelize.query(`select * from my_table order by ${order_column} ${order}`, { type: models.sequelize.QueryTypes.SELECT });
UPDATE: This is the right answer
await sequelize.query(
  'SELECT * FROM projects ORDER BY ? ?',
  {
    replacements: ['something', 'desc'],
    type: QueryTypes.SELECT,
  }
);
This way Sequelize still protects you from SQL injection.
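Replacements are escaped as string values, which is the quoting the question observes, so a column name and sort direction that must appear as SQL text can be taken from an allowlist instead of from the raw input. The sketch below is an added example, not code from the original posts or from Sequelize; `SORTABLE_COLUMNS`, `SORT_DIRECTIONS`, `buildOrderedQuery`, the `id` column and the `limit` parameter are assumptions made for illustration.

```javascript
// Added example: SORTABLE_COLUMNS, SORT_DIRECTIONS, buildOrderedQuery and the
// limit parameter are hypothetical names, not part of Sequelize or the post.

// Client-facing sort key -> exact SQL text allowed in ORDER BY.
// A Map is used so inherited keys such as "constructor" never match.
const SORTABLE_COLUMNS = new Map([
  ['datetime', 'datetime'],
  ['id', 'id'], // constructed second column for the example
]);
const SORT_DIRECTIONS = new Map([
  ['asc', 'ASC'],
  ['desc', 'DESC'],
]);

function buildOrderedQuery(orderColumn, order, limit) {
  // Reject arrays/objects that a query-string parser may produce.
  if (typeof orderColumn !== 'string' || typeof order !== 'string') {
    throw new TypeError('order_column and order must be strings');
  }
  const column = SORTABLE_COLUMNS.get(orderColumn);
  const direction = SORT_DIRECTIONS.get(order.toLowerCase());
  if (column === undefined) {
    throw new RangeError('unsupported order_column');
  }
  if (direction === undefined) {
    throw new RangeError('unsupported order');
  }
  if (!Number.isInteger(limit) || limit < 1 || limit > 1000) {
    throw new RangeError('limit must be an integer from 1 to 1000');
  }
  // Only allowlisted constants are interpolated; the value stays a replacement.
  return {
    sql: `select * from my_table order by ${column} ${direction} limit :limit`,
    replacements: { limit },
  };
}

// Usage with the query call from the post (needs a configured sequelize instance):
// const { sql, replacements } = buildOrderedQuery('datetime', 'desc', 50);
// await sequelize.query(sql, { replacements, type: QueryTypes.SELECT });
```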