Index: django/core/management.py =================================================================== --- django/core/management.py (revision 2813) +++ django/core/management.py (working copy) @@ -168,7 +168,13 @@ # We haven't yet created the table to which this field # is related, so save it for later. pr = pending_references.setdefault(f.rel.to, []).append((klass, f)) - table_output.append(' '.join(field_output)) + if f.default <> models.fields.NOT_PROVIDED: + try: + escaped_string = django.db.backend.escapechars(f.default) + field_output.append(style.SQL_KEYWORD("DEFAULT '%s'" % (escaped_string,))) + except NotImplemented: + pass + table_output.append(' '.join(field_output)) if opts.order_with_respect_to: table_output.append(style.SQL_FIELD(backend.quote_name('_order')) + ' ' + \ style.SQL_COLTYPE(data_types['IntegerField']) + ' ' + \ Index: django/db/backends/ado_mssql/base.py =================================================================== --- django/db/backends/ado_mssql/base.py (revision 2813) +++ django/db/backends/ado_mssql/base.py (working copy) @@ -110,6 +110,15 @@ return "Convert(datetime, Convert(varchar, DATEPART(year, %s)) + '/' + Convert(varchar, DATEPART(month, %s)) + '/01')" % (field_name, field_name) if lookup_type=='day': return "Convert(datetime, Convert(varchar(12), %s))" % field_name + +def escapechars(raw_str): + "Escapes problematic characters from SQL in a backend-specific way" + working_str = str(raw_str) + rawchars = ['"',"'"] + cookedchars = ['""',"''"] + for i in range(0,len(rawchars)): + working_str = working_str.replace(rawchars[i],cookedchars[i]) + return working_str def get_limit_offset_sql(limit, offset=None): # TODO: This is a guess. Make sure this is correct. @@ -137,4 +146,4 @@ 'endswith': 'LIKE %s', 'istartswith': 'LIKE %s', 'iendswith': 'LIKE %s', -} +} Index: django/db/backends/dummy/base.py =================================================================== --- django/db/backends/dummy/base.py (revision 2813) +++ django/db/backends/dummy/base.py (working copy) @@ -27,11 +27,12 @@ quote_name = complain dictfetchone = complain dictfetchmany = complain -dictfetchall = complain +dictfetchall = complain +escapechars = complain get_last_insert_id = complain get_date_extract_sql = complain get_date_trunc_sql = complain get_limit_offset_sql = complain get_random_function_sql = complain get_drop_foreignkey_sql = complain -OPERATOR_MAPPING = {} +OPERATOR_MAPPING = {} \ No newline at end of file Index: django/db/backends/mysql/base.py =================================================================== --- django/db/backends/mysql/base.py (revision 2813) +++ django/db/backends/mysql/base.py (working copy) @@ -139,6 +139,15 @@ sql = "CAST(DATE_FORMAT(%s, '%s') AS DATETIME)" % (field_name, format_str) return sql +def escapechars(raw_str): + "Escapes problematic characters from SQL in a backend-specific way" + working_str = str(raw_str) + rawchars = ['\\','"',"'"] + cookedchars = ['\\\\','\\"',"\\'"] + for i in range(0,len(rawchars)): + working_str = working_str.replace(rawchars[i],cookedchars[i]) + return working_str + def get_limit_offset_sql(limit, offset=None): sql = "LIMIT " if offset and offset != 0: @@ -164,4 +173,4 @@ 'endswith': 'LIKE BINARY %s', 'istartswith': 'LIKE %s', 'iendswith': 'LIKE %s', -} +} \ No newline at end of file Index: django/db/backends/postgresql/base.py =================================================================== --- django/db/backends/postgresql/base.py (revision 2813) +++ django/db/backends/postgresql/base.py (working copy) @@ -89,6 +89,15 @@ # http://www.postgresql.org/docs/8.0/static/functions-datetime.html#FUNCTIONS-DATETIME-TRUNC return "DATE_TRUNC('%s', %s)" % (lookup_type, field_name) +def escapechars(raw_str): + "Escapes problematic characters from SQL in a backend-specific way" + working_str = str(raw_str) + rawchars = ['\\','"',"'"] + cookedchars = ['\\\\','\\"',"''"] + for i in range(0,len(rawchars)): + working_str = working_str.replace(rawchars[i],cookedchars[i]) + return working_str + def get_limit_offset_sql(limit, offset=None): sql = "LIMIT %s" % limit if offset and offset != 0: @@ -125,4 +134,4 @@ 'endswith': 'LIKE %s', 'istartswith': 'ILIKE %s', 'iendswith': 'ILIKE %s', -} +} \ No newline at end of file Index: django/db/backends/sqlite3/base.py =================================================================== --- django/db/backends/sqlite3/base.py (revision 2813) +++ django/db/backends/sqlite3/base.py (working copy) @@ -76,7 +76,7 @@ return query % tuple("?" * num_params) supports_constraints = False - + def quote_name(name): if name.startswith('"') and name.endswith('"'): return name # Quoting once is enough. @@ -119,6 +119,16 @@ def get_drop_foreignkey_sql(): return "" +def escapechars(raw_str): + "Escapes problematic characters from SQL in a backend-specific way" + # sqlite will happily accept a variety of characters without complaint. Single-quotes, however, must be doubled. + working_str = str(raw_str) + rawchars = ["'",] + cookedchars = ["''",] + for i in range(0,len(rawchars)): + working_str = working_str.replace(rawchars[i],cookedchars[i]) + return working_str + def _sqlite_date_trunc(lookup_type, dt): try: dt = util.typecast_timestamp(dt) @@ -148,3 +158,4 @@ 'istartswith': "LIKE %s ESCAPE '\\'", 'iendswith': "LIKE %s ESCAPE '\\'", } +