I've been working with MyMySQL and currently have written an API call that takes a variable number of parameters and generates a search query. I have been trying to bind the passed in parameters to protect against SQL injection, however I cannot seem to figure out how to handle a variable amount of parameters. The Bind function signature looks like:
Bind(params ...interface{})
Although I guessed both solutions wouldn't work, I tried binding each parameter one at a time in a loop, and then also tried passing in a []interface{} containing all of the parameter values.
Is there anyway to handle this solution? Struct binding wont work since I could have multiple values per each field. For instance, I could have 1 or 10 company IDs passed back to me.