Opened 13 years ago
Closed 13 years ago
#15670 closed (invalid)
Doc issue: Some checking *is* performed on the SQL statement passed to raw()
| Reported by: | dbreslau | Owned by: | nobody |
|---|---|---|---|
| Component: | Documentation | Version: | 1.2 |
| Severity: | Keywords: | ||
| Cc: | dbreslau | Triage Stage: | Unreviewed |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
The doc page for Performing Raw Queries says:
Warning
No checking is done on the SQL statement that is passed in to .raw(). Django expects that the statement will return a set of rows from the database, but does nothing to enforce that. If the query does not return rows, a (possibly cryptic) error will result.
This isn't entirely true. In db/models/sql/query.py, the RawQuery class contains a method, validate_sql, that throws an exception if the statement doesn't begin with "SELECT".
We'd actually rather it didn't do this check, as we'd like to be able to run an UPDATE...RETURNING (as supported by Oracle and PostgreSQL) via the raw query mechanism. But if it's going to do this, then the documentation should reflect the checking.
Change History (2)
comment:1 by , 13 years ago
| Cc: | added |
|---|
comment:2 by , 13 years ago
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
You've got a version sync issue, you're reading docs for a different version than the code, which no longer features such a check: http://code.djangoproject.com/changeset/15803