Question mark params not being replaced in runSql

[cullylarson]

I have some code like this:

db.runSql('INSERT INTO authGroups (id, isActive, isLocked, name, description, created) VALUES(?, TRUE, TRUE, ?, ?, NOW())', [id, name, description])

I expect that the question marks in sql will be replaced with the values from params (as the documentation describes). But the sql is being run with the question marks still there. I'm getting this error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, TRUE, TRUE, ?, ?, NOW())'

These are the values of id, name, description:

id: '4dfad450-7c17-11e9-8808-0242ac170002'
name: 'Users'
description: 'Test.'

Btw, I'm using promises, not the callback function.

What's strange is if I add a callback function as the third parameter, the placeholders are replaced. This seems like a bug.

If I use this function instead of db.runSql, it works fine:

const runSql = (db, query, params) => new Promise((resolve, reject) => {
    db.runSql(query, params, (err, data) => {
        if(err) reject(err)
        else resolve(data)
    })
})

For example:

runSql(db, 'INSERT INTO authGroups (id, isActive, isLocked, name, description, created) VALUES(?, TRUE, TRUE, ?, ?, NOW())', [id, name, description])

---

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

[benbotto]

https://github.com/db-migrate/mysql/blob/master/index.js#L375 That function's called from runSql and it's not quite right. It shift the first argument (sql), then pops the last. It blindly expects the last argument to be callback. It should probably check if the last argument is an array and, if so, treat it as params. If I get some time I'll try to fix it and file a PR.

[patlillis]

I am running into this bug as well. This prevents runSql from being used with Promises and async/await, which is a huge pain.