问题
I am using node-postgres to write a web app backend, and I am running into this error:
error: could not determine data type of parameter $1
at Connection.parseE (/home/***/niche-api/node/node_modules/pg/lib/connection.js:539:11)
at Connection.parseMessage (/home/***/niche-api/node/node_modules/pg/lib/connection.js:366:17)
at Socket.<anonymous> (/home/***/niche-api/node/node_modules/pg/lib/connection.js:105:22)
at emitOne (events.js:96:13)
at Socket.emit (events.js:188:7)
at readableAddChunk (_stream_readable.js:172:18)
at Socket.Readable.push (_stream_readable.js:130:10)
at TCP.onread (net.js:542:20)
The goal of my query is to accept a query parameter passed in from the node express app, but to not filter the database query if the parameter does not exist in the api call. For example, if my parameter is called variableType and it is set to tmax (e.g., variableType=tmax), the database only responds with records with variableType of tmax. If the endpoint is hit without the query parameter, the database returns all records.
My query is:
SELECT * FROM variableTypes WHERE 1 = 1 AND ($1 IS NULL or $1 = variableTypeAbbreviation);
And I am calling it like this:
app.get("/variables", function(req, res){
//get a list of the variables in the database
var variableType = req.query.variableType
if (variableType == undefined){
variableType = null;
}
var client = new pg.Client({
user: keys.user,
password: keys.password,
database: keys.dbName,
hostname: keys.hostname
})
client.connect(function(err){
if (err){
res.json(err);
}
var query = client.query({name: 'variableSelect', text: "SELECT * FROM variableTypes WHERE 1 = 1 AND ($1 IS NULL or $1 = variableTypeAbbreviation);", values:[variableType]});
console.log(query)
query.on('row', function(row, result){
console.log("Got row")
result.addRow(row)
})
query.on('end', function(result){
console.log("Done.")
res.json(result)
client.end()
})
I've narrowed it down to the problem being located in the section of the query ($1 IS NULL). I don't really know where to go from here. I've written a similar query in python (using psycopg2), which works, which makes me think that it is more related to the node package.
query = select variableTypeID, variableType, variableTypeAbbreviation
from variableTypes
WHERE 1 = 1
AND
(%(abbreviation)s is NULL or %(abbreviation)s LIKE lower(variableTypes.variableTypeAbbreviation) )
AND (%(fullName)s is NULL or %(fullName)s = variableTypes.variableType )
cursor.execute(query, {'fullName': fullName, 'abbreviation' : abbreviation})
Any advice is much appreciated!
回答1:
The problem is in $1 IS NULL, where $1 is treated as a dynamic column name, which is not allowed in prepared statements, due to the protections against SQL injection implemented by the database server.
UPDATE
If you want to format your queries freely, while also without the risk of an SQL injection, check out pg-promise. And to properly format names for schema, table or column see SQL Names.
来源:https://stackoverflow.com/questions/37845663/node-postgres-1-is-null-error