import { PreparedQuery } from "https://deno.land/x/sqlite@v3.8/mod.ts";
Binds the given parameters to the query and returns an iterator over rows.
Using an iterator avoids loading all returned rows into memory and hence allows to process a large number of rows.
Calling iter, all, or first invalidates any iterators
previously returned from this prepared query.
Examples
const query = db.prepareQuery<[number, string]>("SELECT id, name FROM people");
for (const [id, name] of query.iter()) {
// ...
}
To avoid SQL injection, user-provided values should always be passed to the database through a query parameter.
const query = db.prepareQuery("SELECT id FROM people WHERE name = ?");
query.iter([name]);
const query = db.prepareQuery("SELECT id FROM people WHERE name = :name");
query.iter({ name });
See QueryParameterSet for documentation on
how values can be bound to SQL statements.
See QueryParameter for documentation on how
values are returned from the database.