sql.QueryTyped

table or boolean sql.QueryTyped( string query, ... )

2025.05.29 Search Github

Recently Added

This was recently added in version (2025.05.29). It might only be available on the Dev Branch right now.

Description

Performs a query on the local SQLite database with proper type handling and parameter binding, returns a table as result set, empty table if no results, and false on error. Unlike sql.Query, this function properly handles SQLite data types and allows safe parameter binding to prevent SQL injection attacks.

This function only executes a single SQL statement, unlike sql.Query which can execute multiple statements separated by semicolons.
Large INTEGER values (beyond ±9,007,199,254,740,991) are returned as strings to preserve exact values. This is because Lua represents all numbers as doubles, which lose precision for integers larger than 2⁵³-1. Returning them as strings prevents data corruption from rounding errors.

Arguments

1 string query

The query to execute with optional ? parameter placeholders.

Always use parameter binding with ? placeholders instead of string concatenation to prevent SQL injection vulnerabilities.

2 vararg queryParams

Parameters to bind to the query placeholders. Supports nil, boolean, number, and string types.

The number of query parameters must match the number of ? placeholders, or the query will fail. See examples.

Returns

1 table or boolean

false is returned if there is an error (See sql.LastError), otherwise a table with properly typed column values (empty table if no results).

Example

Direct usage examples demonstrating typed queries with parameter binding for all SQLite data types.

-- Create table with all SQLite data types sql.Query([[CREATE TABLE IF NOT EXISTS test_table ( id INTEGER PRIMARY KEY, big_number BIGINT, small_number INTEGER, decimal_value DOUBLE, float_value REAL, is_enabled BOOLEAN, has_feature BOOL, user_name TEXT, binary_data BLOB, nill TEXT )]]) -- Insert data with direct parameter binding sql.QueryTyped([[INSERT INTO test_table ( big_number, small_number, decimal_value, float_value, is_enabled, has_feature, user_name, binary_data, nill ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ? )]], "76561198261855442", -- BIGINT as string (large Steam ID) 12345, -- INTEGER 999.99, -- DOUBLE 3.14159, -- REAL true, -- BOOLEAN (stored as 1) false, -- BOOL (stored as 0) "Player Name", -- TEXT "binary\0data\0here",-- BLOB (binary string with null bytes) nil -- NULLABLE TEXT ) -- Query with parameter binding local results = sql.QueryTyped("SELECT * FROM test_table WHERE big_number = ?", "76561198261855442") PrintTable(results)