Is there a way to turn off query parametrization in TypeORM?

199 Views Asked by zmii At 30 October 2020 at 14:16

I'm using TypeORM with MS SQL Server.

In TypeORM default set up SQL queries, generated by .insert and .update methods are compiling in parametrized queries in SQL.

Is there a way to switch to inlining of data instead of parametrization?

P.S. I know about possibility of SQL injections in this case, but:

my data is validated before being persisted in my code and
from tests (we operate with big data sets (5m record with 1 column - integer, 10K records with 30 columns of different data types) that needs to be inserted or based on them, existing rows should be updated) - insert without parametrization works much faster.

Original Q&A

There are 1 best solutions below

Jim On 03 November 2020 at 22:57

You can use this style of inserts:

await getConnection()
  .createQueryBuilder()
  .insert()
  .into(User)
  .values({ 
      firstName: "Timber", 
      lastName: () => "CONCAT('S', 'A', 'W')"
  })
.execute();

And as you are aware, you need to escape anything inserted that way to protect against SQL injection.

Is there a way to turn off query parametrization in TypeORM?

There are 1 best solutions below

Related Questions in NODE.JS

Related Questions in TYPEORM

Related Questions in TYPEORM-ACTIVERECORD

Trending Questions

Popular # Hahtags

Popular Questions