Fixed #9055 -- Standardized behaviour of parameter escaping in db cursors

Previously, depending on the database backend or the cursor type,
you'd need to double the percent signs in the query before passing
it to cursor.execute. Now cursor.execute consistently needs percent
doubling whenever the params argument is not None (placeholder substitution
will happen).
Thanks Thomas Güttler for the report and Walter Doekes for his work
on the patch.
Claude Paroz 2013-03-23 16:09:56 +01:00
parent e7514e4978
commit 76aecfbc4b
7 changed files with 43 additions and 12 deletions


@ -227,6 +227,12 @@ For example::
were committed to the database. Since Django now defaults to database-level
autocommit, this isn't necessary any longer.
Note that if you want to include literal percent signs in the query, you have to
double them in the case you are passing parameters::
cursor.execute("SELECT foo FROM bar WHERE baz = '30%'")
cursor.execute("SELECT foo FROM bar WHERE baz = '30%%' and id = %s", [self.id])
If you are using :doc:`more than one database </topics/db/multi-db>`, you can
use ``django.db.connections`` to obtain the connection (and cursor) for a
specific database. ``django.db.connections`` is a dictionary-like
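Review bot: The added note says doubling is required "in the case you are passing parameters", which is looser than the rule stated in the commit message (doubling is needed whenever the params argument is not None). Consider wording it as "whenever you pass a params argument", and labelling the two example calls so it is clear that the first has no params and therefore keeps a single percent sign while the second doubles it. It would also help to mention that a value containing a percent sign can be supplied through params rather than written into the query string, in which case no doubling applies to that value.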