Hello guys, I’m making an attempt to make use of gorm to create a brand new person for my native mysql,it fails when I attempt to use “?”in gormdb.exec:
err := db.Exec("CREATE USER ? IDENTIFIED BY ?", a.Identify, a.Pwd).Error
And it returns error:
[1.824ms] [rows:0] CREATE USER 'Reiis' IDENTIFIED BY '12345' Error 1064 (42000): You've gotten an error in your SQL syntax; examine the handbook that corresponds to your MySQL server model for the fitting syntax to make use of close to '? IDENTIFIED BY ?' at line 1
Looks like gorm didn’t swap the “?” with a.Identify? but it surely additionally prints the proper SQL line on the display.
When I attempt to run the code beneath it really works:
cmd := fmt.Sprintf("CREATE USER '%s' IDENTIFIED BY '%s'", a.Identify, a.Pwd) err := db.Exec(cmd).Error
It’s simply so bizarre. Does anybody know what the issue is? Thx!
Not the whole lot will be parameterized, and
CREATE USER is one such instance.
Why are you creating database customers out of your software?
So it’s not a bug however a function? Truly I wish to make some type of management supervisor over MySQL clusters and utilizing GORM to keep away from sql injection. Is there any higher methods to understand these options ? Thanks!