I am using "database/sql" package in GO. I want to create a table of variable name.
Only way I can think of is-
db.Exec(`CREATE TABLE`+table_name+`;`)
But it is not safe as there can be SQL injection.
I am using "database/sql" package in GO. I want to create a table of variable name.
Only way I can think of is-
db.Exec(`CREATE TABLE`+table_name+`;`)
But it is not safe as there can be SQL injection.
I don't code in GO, but this would probably be safe for injection:
tx.Prepare(`do $$ begin execute format($f$create table %I()$f$,$1); end; $$;`)
and then
stmt.Exec(table_name)