dongsuo0517 2017-08-17 16:04
浏览 104
已采纳

在Golang中显示来自数据库的结果

I'm reading a MySQL query input from a form:

<h1>MySQL Page</h1>
<small>Perform queries and edit the database from here</small>
<form method="get" action="">
  <label for="sqlQuery">MySQL Query:</label>
  <input type="text" id="sqlQuery" name="sqlQuery">
  <button type="submit">Perform Query</button>
</form>

After that I want to display the results on the same page using GoLang, however it keeps telling me that:

# command-line-arguments
./sql.go:128: cannot convert results (type sql.Result) to type string

Please keep in mind, this is the first golang app I've ever written so I apologize if this is a simple issue, here is the golang code:

func sqlQueryHandler(response http.ResponseWriter, request *http.Request){
  userName := getUserName(request)
  db, err := sql.Open("mysql", userName)
  fmt.Fprintf(response, sqlPage)
  sqlCommand := request.FormValue("sqlQuery")
  //fmt.Fprintf(response, sqlCommand)
  if err != nil {
    fmt.Fprintf(response, "

An error occured during your MySQL command: %s", err)
    panic(err)
  } else {
    data, err := db.Exec(sqlCommand)
    if err != nil {
      http.Redirect(response, request, "/error", 302)
    } else {
      // display the output of the sql query here
    }
  }
}
  • 写回答

1条回答 默认 最新

  • dph6308 2017-08-17 17:12
    关注

    Here an example based on your code:

    func sqlQueryHandler(response http.ResponseWriter, request *http.Request) {
    var (
        userName   = getUserName(request)
        sqlCommand = request.FormValue("sqlQuery")
    )

    db, err := sql.Open("mysql", userName)
    if err != nil {
        fmt.Fprintf(response, "

An error occured during your MySQL command: %s", err)
        // if you panic you stop here anyway. no else needed
        panic(err)
    }
    rows, err := db.Query(sqlCommand)
    if err != nil {
        http.Redirect(response, request, "/error", 302)
        // return, so no else is needed
        return
    }

    if err != nil {
        panic(err)
    }
    defer rows.Close()
    for rows.Next() {
        var (
            name string
            age  int
        )
        if err := rows.Scan(&name, &age); err != nil {
            panic(err)
        }
        fmt.Printf("%s is %d
", name, age)
    }
    if err := rows.Err(); err != nil {
        panic(err)
    }
}

    There are several problems however with this approach:

    • You are passing the sql from outside the server. Anyone accessing this can read all the data from your server.
    • One of Go's strengths is being a typed language. Here you are building a general sql query function which contradicts the typed language paradigm. You can write general function dealing with differently structured data (like json.Unmarshal()) -- but especially early in programming go you shouldn't.
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 YoloV5 第三方库的版本对照问题
  • ¥15 请完成下列相关问题!
  • ¥15 drone 推送镜像时候 purge: true 推送完毕后没有删除对应的镜像,手动拷贝到服务器执行结果正确在样才能让指令自动执行成功删除对应镜像,如何解决?
  • ¥15 求daily translation(DT)偏差订正方法的代码
  • ¥15 js调用html页面需要隐藏某个按钮
  • ¥15 ads仿真结果在圆图上是怎么读数的
  • ¥20 Cotex M3的调试和程序执行方式是什么样的?
  • ¥20 java项目连接sqlserver时报ssl相关错误
  • ¥15 一道python难题3
  • ¥15 牛顿斯科特系数表表示