mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-08-04 02:48:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

[5.0.x] Corrected code-block directives in docs.

Browse source 
Backport of 0be6dde817 from main
This commit is contained in:
Mariusz Felisiak 2023-12-28 19:52:15 +01:00
parent 454269b2e1
commit f33eddff8a
4 changed files with 14 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

4
docs/ref/models/expressions.txt
View file

@ -757,9 +757,7 @@ should avoid them if possible.
your SQL with user-provided data.
You also must not quote placeholders in the SQL string. This example is
vulnerable to SQL injection because of the quotes around ``%s``:
.. code-block:: pycon
vulnerable to SQL injection because of the quotes around ``%s``::
RawSQL("select col from sometable where othercol = '%s'") # unsafe!