( sql: any, table: string, data: Record<string, unknown>, where: string )
| 154 | } |
| 155 | |
| 156 | export async function executeUpdate( |
| 157 | sql: any, |
| 158 | table: string, |
| 159 | data: Record<string, unknown>, |
| 160 | where: string |
| 161 | ): Promise<{ rows: unknown[]; rowCount: number }> { |
| 162 | validateWhereClause(where) |
| 163 | |
| 164 | const sanitizedTable = sanitizeIdentifier(table) |
| 165 | const columns = Object.keys(data) |
| 166 | const sanitizedColumns = columns.map((col) => sanitizeIdentifier(col)) |
| 167 | const setClause = sanitizedColumns.map((col, index) => `${col} = $${index + 1}`).join(', ') |
| 168 | const values = columns.map((col) => data[col]) |
| 169 | |
| 170 | const query = `UPDATE ${sanitizedTable} SET ${setClause} WHERE ${where} RETURNING *` |
| 171 | const result = await sql.unsafe(query, values) |
| 172 | |
| 173 | const rowCount = result.count ?? result.length ?? 0 |
| 174 | return { |
| 175 | rows: Array.isArray(result) ? result : [result], |
| 176 | rowCount, |
| 177 | } |
| 178 | } |
| 179 | |
| 180 | export async function executeDelete( |
| 181 | sql: any, |
no test coverage detected