#14091: Fix incorrect quoting in connection.queries -------------------------------------+------------------------------------- Reporter: danielr | Owner: Type: Bug | Status: new Milestone: | Component: Database layer Version: 1.2 | (models, ORM) Resolution: | Severity: Normal Triage Stage: Ready for | Keywords: checkin | Has patch: 1 Needs documentation: 0 | Needs tests: 0 Patch needs improvement: 0 | Easy pickings: 0 -------------------------------------+------------------------------------- Changes (by aaugustin):
* stage: Accepted => Ready for checkin Comment: This new patch implements Alex and Jacob's recommendation. Regarding SQLite, parameters are substituted at line 642 in `_sqlite/cursor.c`: {{{ pysqlite_statement_bind_parameters(self->statement, parameters, allow_8bit_chars); }}} Unfortunately there is no way to reach `self->statement` from Python code. That's why I ended up quoting parameters with `SELECT QUOTE(?)`. -- Ticket URL: <http://code.djangoproject.com/ticket/14091#comment:14> Django <http://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to django-updates@googlegroups.com. To unsubscribe from this group, send email to django-updates+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-updates?hl=en.