Skip to content

Comments

Prepare parametrized PG query for showing query parameters in web panel#405

Open
unavailabl3 wants to merge 1 commit intoMiniProfiler:masterfrom
unavailabl3:master
Open

Prepare parametrized PG query for showing query parameters in web panel#405
unavailabl3 wants to merge 1 commit intoMiniProfiler:masterfrom
unavailabl3:master

Conversation

@unavailabl3
Copy link

@unavailabl3 unavailabl3 commented Oct 8, 2019

Since Rails 5 has parametrizied query statement like this:
SELECT * FROM 'items' WHERE 'item'.'id' = $1 [['id',123]]
So in panel we see $1 instead of 123
Params are not shown in rack-mini-profiler panel. This commit is a hack (ONLY FOR POSTGRESQL) to see params. Like this we can add for other DBs.
P.S. May be commit needs refactoring for optimization

SamSaffron
SamSaffron reviewed Oct 8, 2019
View reviewed changes
@unavailabl3 unavailabl3 force-pushed the master branch 2 times, most recently from 584553e to 006120a Compare October 9, 2019 07:06
SamSaffron
SamSaffron reviewed Oct 9, 2019
View reviewed changes
SamSaffron
SamSaffron reviewed Oct 9, 2019
View reviewed changes
lib/patches/db/pg.rb Outdated
counter = 0
loop do
break if !query.include? "$#{counter+=1}"
query = query.sub("$#{counter}",parameters[counter-1].to_s)
Copy link
Member

@SamSaffron SamSaffron Oct 9, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

subbing is a bit confusing and can cause a nonsense query to be logged in some cases. For example:

$1 -> hello world's, which technically would need to be 'hello world''s' I think

Copy link
Member

@SamSaffron SamSaffron Oct 9, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

an alternative may be a preamble comment that explains the param so there is not confusion. also I think you technically want gsub here, also what if more than 10 params?

$1 -> \* $1 *\ 'hello-world''s'

Copy link
Author

@unavailabl3 unavailabl3 Oct 9, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What will happen if more than 10 params?
Example from my project
SELECT tag_id FROM categories_tags WHERE category_id IN (11,3001,8794,8797,8788,8784,8783,3682,8789,3683,3680,3005,3686,3685,3684,3681,3679,8793,8787,3004,3006,8343,8791,8348,8354,3000,3003,3010,3007,3002,2999,8792,8795);

@nateberkopec
Copy link
Collaborator

nateberkopec commented Mar 28, 2023

This is still an issue on master, and there are no conflicts here, so despite the age I will leave this open.

@kbrock
Copy link
Contributor

kbrock commented Sep 16, 2025
edited
Loading

I like having the parameters separate. I want to know what is actually sent to the server. (easier to detect N+1).
But I use my own rack-mini-profiler client to fetch the sql, so I probably don't see the same issue.

Is the issue that the parameters are not showing in the UI?
Seems like a js/ui issue not a storage issue.

But comment if you feel we should modify the sql before we store it. I can look at this.

Also, historically, I was under the impression that people were concerned about the parameter values being leaked. It may be the reason the parameters were not included into the ui. Not sure if the hide parameter regex met people's concerns.

@kbrock
Copy link
Contributor

kbrock commented Oct 3, 2025

Then again, I always put the params back into the query when running it.
Could we do this when sending down the queries to the ui?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@SamSaffron SamSaffron SamSaffron left review comments

Assignees

No one assigned

Labels

enhancement

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@unavailabl3 @nateberkopec @kbrock @SamSaffron