Doc issue: Some checking *is* performed on the SQL statement passed to raw()
|Reported by:||dbreslau||Owned by:||nobody|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
The doc page for Performing Raw Queries says:
No checking is done on the SQL statement that is passed in to .raw(). Django expects that the statement will return a set of rows from the database, but does nothing to enforce that. If the query does not return rows, a (possibly cryptic) error will result.
This isn't entirely true. In db/models/sql/query.py, the RawQuery class contains a method, validate_sql, that throws an exception if the statement doesn't begin with "SELECT".
We'd actually rather it didn't do this check, as we'd like to be able to run an UPDATE...RETURNING (as supported by Oracle and PostgreSQL) via the raw query mechanism. But if it's going to do this, then the documentation should reflect the checking.