use %q instead of "%s" for quoted strings
84
85func (db *DBConn) GetOldestPost(productId int64, field string) Post {
86 var post Post
87 query := fmt.Sprintf(`id = (SELECT MIN(id) FROM posts where product_id = %d) and product_id = %d and type && '{"%s"}'`, productId, productId, field) 88 db.Find(&post, query)
89 return post
90}use %q instead of "%s" for quoted strings
70 if lastId == 0 {
71 query = fmt.Sprintf(`product_id = %d and type && '{"%s"}'`, productId, field)
72 } else {
73 query = fmt.Sprintf(`product_id = %d and id < %d and type && '{"%s"}'`, productId, lastId, field) 74 }
75 } else {
76 if lastId == 0 {use %q instead of "%s" for quoted strings
68 var query string
69 if field != "" {
70 if lastId == 0 {
71 query = fmt.Sprintf(`product_id = %d and type && '{"%s"}'`, productId, field) 72 } else {
73 query = fmt.Sprintf(`product_id = %d and id < %d and type && '{"%s"}'`, productId, lastId, field)
74 }use %q instead of "%s" for quoted strings
13 field := strings.ToLower(c.Params("field"))
14 var post db.Post
15 if db.ValidType(field) {
16 query := fmt.Sprintf(`id = %s and type && '{"%s"}'`, postId, field)17 db.DB.Order("created_at desc").Preload("Product").Preload("User").Where(query).Find(&post)
18 return c.JSON(post)
19 }use %q instead of "%s" for quoted strings
34
35 var post db.DeletePost
36 var p db.Post
37 query := fmt.Sprintf(`id = %s and user_id = %d and type && '{"%s"}'`, postId, uint(id), field)38 db.DB.First(&p, query)
39 post = &p
40
Description
%q is same as "%s".
Bad practice
str := fmt.Sprintf("str: "%s"", "Hello World")
// str => str: "Hello World"
Recommended
str := fmt.Sprintf("str: %q", "Hello World")
// str => str: "Hello World"