Single quotes get escaped twice when creating admin log

[anonymous]

I'm using Django 0.96, Python 2.4.4, MySql 5.0.32 (all from Debian Etch).

Some field descriptions in models.py contain apostropes, or single quotes ('). They are correctly escaped in the file and displayed perfectly in the admin.
Later, though, when I save a new or modified record, and Django tries to add the admin log entry into the django_admin_log database, I get execution stopped with a MySql warning: "Incorrect string value". Digging a bit into the problem, I found that this is a query escaping problem.

It happens in the BaseCursor.execute() method. It gets called with a query variable that's like

'INSERT INTO `table` (`field1`,`field2`) VALUES (%s,%s)'

and the args are

['value1',"i'm another value"]

then come these two lines:

query = query.encode(charset)
query = query % db.literal(args)

And now the query looks like

"INSERT INTO `table` (`field1`,`field2`) VALUES ('value1','i\\'m another value')"

Of course MySql goes on until the escaped backslash, then there's a single quote and the value string ends... what is m another value' ?

So... something escapes that single quote twice instead of once.

[anonymous]

This happens also for double quotes.

However, I'm now almost convinced that it's a bug in the MySQLdb Python package, rather than in Django. So, if a site admin can confirm, please close this.

[Jacob]

Yeah, Django relies on the backend to correctly interpolate values; if MySQLdb is doing it wrong, that's a problem that needs to be fixed upstream. However, I'm 99% sure that this is an old version of MySQLdb since I can't reproduce this with my current version at all.