From d5c04da35c85253840e187d3207ba60b83e1da81 Mon Sep 17 00:00:00 2001 From: vivekpatil017 Date: Thu, 16 Jul 2026 02:02:36 +0530 Subject: [PATCH] docs: add Repository.execute examples Signed-off-by: vivekpatil017 --- docs/site/Executing-database-commands.md | 66 ++++++++++++++++++++++++ 1 file changed, 66 insertions(+) diff --git a/docs/site/Executing-database-commands.md b/docs/site/Executing-database-commands.md index dd8c7fea3e66..16bdd5277f75 100644 --- a/docs/site/Executing-database-commands.md +++ b/docs/site/Executing-database-commands.md @@ -30,6 +30,72 @@ Example use: const result = await repository.execute('SELECT * FROM Products'); ``` +## Examples + +### MySQL + +Use parameterized queries to avoid SQL injection attacks. + +```ts +const result = await repository.execute('SELECT * FROM Products WHERE id = ?', [ + productId, +]); +``` + +### PostgreSQL + +```ts +const result = await repository.execute( + 'SELECT * FROM Products WHERE id = $1', + [productId], +); +``` + +### MongoDB + +```ts +const result = await repository.execute('MyCollection', 'aggregate', [ + {$unwind: '$data'}, + {$out: 'tempData'}, +]); +``` + +Use parameterized queries whenever possible instead of constructing SQL strings +manually. + +## Examples + +### MySQL + +Use parameterized queries to avoid SQL injection attacks. + +```ts +const result = await repository.execute('SELECT * FROM Products WHERE id = ?', [ + productId, +]); +``` + +### PostgreSQL + +```ts +const result = await repository.execute( + 'SELECT * FROM Products WHERE id = $1', + [productId], +); +``` + +### MongoDB + +```ts +const result = await repository.execute('MyCollection', 'aggregate', [ + {$unwind: '$data'}, + {$out: 'tempData'}, +]); +``` + +Use parameterized queries whenever possible instead of constructing SQL strings +manually. + See API docs for parameter reference, additional information and examples: - [SQL variant](./apidocs/repository.defaultcrudrepository.execute.md)