Django

Code

Ticket #967 (closed: fixed)

Opened 3 years ago

Last modified 2 years ago

[patch] Safe quoting of table names

Reported by: freakboy@iinet.net.au Assigned to: adrian
Milestone: Component: Database layer (models, ORM)
Version: Keywords: tables database safe quote quoting
Cc: Triage Stage: Unreviewed
Has patch: 1 Needs documentation: 0
Needs tests: 0 Patch needs improvement: 0

Description

A discussion on this thread of django-users lead to the suggestion that the contents provided to the "tables" kwarg of a database query should be optionally quoted (as happens for the "select" kwarg), rather the being arbitrarily quoted. This would allow the use of subselect clauses in the "tables" kwarg.

This patch moves the declaration of the 'safe quoting' function quote_only_if_word() a little earlier in its parent function, and uses the safe quoter on the contents of the tables clause.

Existing usage of nominating a table name in the tables=[] list is unaffected, as table names will not have spaces, and will therefore continue to be quoted.

Attachments

safe_quoted_tables.diff (1.6 kB) - added by freakboy@iinet.net.au on 11/30/05 05:31:27.
Patch for safe quoting of table names in db queries

Change History

11/30/05 05:31:27 changed by freakboy@iinet.net.au

  • attachment safe_quoted_tables.diff added.

Patch for safe quoting of table names in db queries

12/08/05 21:08:54 changed by adrian

  • status changed from new to closed.
  • resolution set to fixed.

(In [1581]) Fixed #967 -- 'tables' parameter in DB API is now only quoted if needed. Thanks, Russell Keith-Magee

Add/Change #967 ([patch] Safe quoting of table names)




Change Properties
Action