Parameterized Statements
The following code example shows how to bind parameters to create parameterized statements.
Single-Use Statements
The Query and Exec functions both accept additional parameters for binding query parameters to values.
rows, _ := db.Query("SELECT actor.attributes.email, repository.name FROM [publicdata].[samples].github_nested WHERE repository.name = ?", "EntityFramework")
defer rows.Close()
for rows.Next() {
var (
actor.attributes.email string
repository.name string
)
rows.Scan(&actor.attributes.email, &repository.name)
fmt.Printf("actor.attributes.email = %s, repository.name = %s\n", actor.attributes.email, repository.name)
}
Reusable Statements
The Prepare function creates prepared Stmt objects, which can be re-used across multiple Query and Exec calls.
stmt, _ := db.Prepare("SELECT actor.attributes.email, repository.name FROM [publicdata].[samples].github_nested WHERE repository.name = ?")
defer stmt.Close()
rows, _ := stmt.Query("EntityFramework 1")
defer rows.Close()
for rows.Next() {
var (
actor.attributes.email string
repository.name string
)
rows1.Scan(&actor.attributes.email, &repository.name)
fmt.Printf("actor.attributes.email = %s, repository.name = %s\n", actor.attributes.email, repository.name)
}
rows, _ = stmt.Query("EntityFramework 2")
defer rows.Close()
for rows.Next() {
var (
actor.attributes.email string
repository.name string
)
rows2.Scan(&actor.attributes.email, &repository.name)
fmt.Printf("actor.attributes.email = %s, repository.name = %s\n", actor.attributes.email, repository.name)
}