How to use the transformer inside the SQL query?

ckissi · March 26, 2020, 4:11pm

Is it possible to use transformer in the Where statement of the SQL thats associated with the table data?

    WHERE
  ac.email ILIKE {{  '%' + emailSearch.value + '%'  }}
  AND cu.first_name || ' ' || cu.last_name ILIKE {{  '%' + nameSearch.value + '%'  }}
  AND (ac.phone_number ILIKE {{  '%' + phoneSearch.value + '%'  }}  {{ phone_sql.value }})

{{ phone_sql.value }} is a transformer

transformer looks like this:

const empty = "";
const query = " OR ac.phone_number is null";
if({{ phoneSearch.value }} !== '') return empty;
return query;

I’m getting this error: syntax error at or near “$4”

ckissi · March 26, 2020, 5:26pm

To me it seems like retool is using standard binding for params in SQL. This is why it ignores complex SQL like string.

Is there a workaround for this?

kent · March 26, 2020, 5:28pm

Hey ckissi – you have to explicitly set this setting on your database resource. Go to the resource settings page and check “Disable converting queries to prepared statements”, then it should work how you expect!

ckissi · March 26, 2020, 6:02pm

When I click the checkbox “Disable converting queries to prepared statements” and I click “save” it shows message that it was saved but after refresh its unchecked again.

kent · March 26, 2020, 10:34pm

Hmm, I just tried it on my end and it worked. Does this persist after a refresh?

ckissi · May 14, 2020, 5:22pm

Hmm, I've tried now again and I cant save it. When I refresh the page box is unchecked.

alex-w · May 15, 2020, 1:52am

@ckissi Could you try setting up another copy of the resource with the option disabled? It could be good to keep that separate anyways to limit the surface area that you need to worry about SQL injection on. I’m thinking this could have something to do with the active SSH tunnel, but if you have more issues message us in on the blue chat Icon inside Retool so we can get some account specific info from you about the setup.

mcleet · October 25, 2022, 6:45pm

@alex-w where is the documentation on how Retool handles query and IN statements, etc?

Kabirdas · October 28, 2022, 12:18am

Hey @mcenedella!

You can check out our SQL cheatsheet to see how Retool deals with arrays in a variety of different SQL resources.

An important thing to keep in mind is that whether or not you have prepared statements impacts how Retool interprets the value of transformers in each SQL query, e.g.

{{ 'hello' }} with prepared statements is parsed as 'hello'
{{ 'hello' }} without prepared statements is parsed as hello

Curious to know if you're running into any issues in particular! If you are feel free to share them here and we can help work through them with you

Topic		Replies	Views
SQL Update based on transformer Queries and Resources sql , transformer	3	1044	February 27, 2023
Disabled Prepared Statements for Query JSON with SQL Queries and Resources query-json-with-sql	6	741	October 21, 2022
Using Query Builder with an uploaded csv Queries and Resources	4	1059	July 27, 2023
Question with SelectValue as ColumnName and "Disable converting queries to prepared statements" App Building query-json-with-sql	8	683	August 3, 2023
Using Javascript to generate postgres query fragments Queries and Resources	4	324	November 13, 2023

How to use the transformer inside the SQL query?

Related Topics