Postgres could not determine data type of parameter $1 in Golang application

Kurt Stolle · Oct 5, 2016

I am creating an application in Golang that uses Postgres using the pq driver. I want to make a function that can select a user-determined field from my database, but I get an error:

pq: could not determine data type of parameter $1

Below is the code that generated this error:

var ifc interface{}

if err := conn.QueryRow("SELECT $1 FROM "+db+" WHERE uuid=$3 OR uri=$4 LIMIT 1", field, UUIDOrURI, UUIDOrURI).Scan(&ifc); err != nil {
    if err == sql.ErrNoRows {
        return http.StatusNotFound
    }

    log.Println(err)

    return http.StatusInternalServerError
}

Why can I not insert the field that I want to SELECT using $1? Is there another way to do this?

Answer

laurent · Oct 5, 2016

You cannot use placeholders for field names. You'll have to build the query directly, as in:

// PostgreSQL quotes identifiers with double quotes, not backticks
"SELECT \"" + field + "\" FROM "

To avoid SQL injections, make sure that the field is part of a list of allowed fields beforehand.
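
The allowlist check from the answer above, applied to the question's query, as an added example (not code from the question or the answer). The `users` table, its column list, and the helper names `allowedColumns`, `quoteIdent` and `buildSelect` are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Assumed schema (hypothetical): the columns a caller may select, per table.
var allowedColumns = map[string]map[string]bool{
	"users": {"uuid": true, "uri": true, "name": true, "email": true},
}

// ErrNotAllowed is returned when the table or column is not allowlisted.
var ErrNotAllowed = errors.New("table or column not in allowlist")

// quoteIdent quotes a PostgreSQL identifier: wrap it in double quotes and
// double any embedded double quote (lib/pq offers pq.QuoteIdentifier for this).
func quoteIdent(name string) string {
	return `"` + strings.ReplaceAll(name, `"`, `""`) + `"`
}

// buildSelect returns the SQL text for reading one allowlisted column.
// Identifiers are checked and then quoted; the lookup values stay as
// $1/$2 placeholders so the driver still binds them as parameters.
func buildSelect(table, field string) (string, error) {
	cols, ok := allowedColumns[table]
	if !ok || !cols[field] {
		return "", ErrNotAllowed
	}
	return fmt.Sprintf("SELECT %s FROM %s WHERE uuid=$1 OR uri=$2 LIMIT 1",
		quoteIdent(field), quoteIdent(table)), nil
}

func main() {
	// Constructed inputs: one allowlisted column, one value that is not.
	for _, f := range []string{"email", `email" FROM users; --`} {
		q, err := buildSelect("users", f)
		fmt.Printf("field=%q query=%q err=%v\n", f, q, err)
	}
}
```

The returned string is passed to `conn.QueryRow(query, UUIDOrURI, UUIDOrURI)` as in the question, so only the identifiers are concatenated and the values remain bound parameters.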