dsue14118 2018-11-27 14:05
浏览 256
已采纳

格式化包含'%'golang的字符串[重复]

This question already has an answer here:

I have an SQL query that looks like this:

SELECT name FROM sessions WHERE name ILIKE 'org_name.%';

but I'm actually interested in replacing 'org_name' with format string (%s).
I was trying to do something like this:

query := fmt.Sprintf("SELECT name FROM sessions WHERE name ILIKE '%s.%'", "org_name2")

but go seems to not like it, since writing %' isn't valid as format string.
I know I can solve it with do it in that way:

orgName := "org_name2"
condition := fmt.Sprintf("%s", orgName) + ".%"
query := fmt.Sprintf("SELECT name FROM sessions WHERE name ILIKE '%s'", condition)


but, I'd rather not, since the variable here is solely the org_name.
Is there a solution for this?
Thanks!

</div>
  • 写回答

2条回答 默认 最新

  • douqihua6212 2018-11-27 14:08
    关注

    As documented in the fmt package, a literal % can be represented by %% in a printf format string:

    query := fmt.Sprintf("SELECT name FROM sessions WHERE name ILIKE '%s.%%'", orgName)

    But be aware, you should NEVER, EVER build your SQL queries this way! You are potentially opening yourself for SQL injection attacks. Instead, you should pass parameterized arguments:

    query := "SELECT name FROM sessions WHERE name ILIKE ?"
rows, err := db.Query(query, orgName + ".%")
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥60 求一个简单的网页(标签-安全|关键词-上传)
  • ¥35 lstm时间序列共享单车预测,loss值优化,参数优化算法
  • ¥15 基于卷积神经网络的声纹识别
  • ¥15 Python中的request,如何使用ssr节点,通过代理requests网页。本人在泰国,需要用大陆ip才能玩网页游戏,合法合规。
  • ¥100 为什么这个恒流源电路不能恒流?
  • ¥15 有偿求跨组件数据流路径图
  • ¥15 写一个方法checkPerson,入参实体类Person,出参布尔值
  • ¥15 我想咨询一下路面纹理三维点云数据处理的一些问题,上传的坐标文件里是怎么对无序点进行编号的,以及xy坐标在处理的时候是进行整体模型分片处理的吗
  • ¥15 一直显示正在等待HID—ISP
  • ¥15 Python turtle 画图