Opened 14 years ago

Closed 14 years ago

#15670 closed (invalid)

Doc issue: Some checking *is* performed on the SQL statement passed to raw()

Reported by: dbreslau Owned by: nobody
Component: Documentation Version: 1.2
Severity: Keywords:
Cc: dbreslau Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

The doc page for Performing Raw Queries says:

Warning

No checking is done on the SQL statement that is passed in to .raw(). Django expects that the statement will return a set of rows from the database, but does nothing to enforce that. If the query does not return rows, a (possibly cryptic) error will result.

This isn't entirely true. In db/models/sql/query.py, the RawQuery class contains a method, validate_sql, that throws an exception if the statement doesn't begin with "SELECT".

We'd actually rather it didn't do this check, as we'd like to be able to run an UPDATE...RETURNING (as supported by Oracle and PostgreSQL) via the raw query mechanism. But if it's going to do this, then the documentation should reflect the checking.

Change History (2)

comment:1 by dbreslau, 14 years ago

Cc: dbreslau added

comment:2 by Alex Gaynor, 14 years ago

Resolution: invalid
Status: newclosed

You've got a version sync issue, you're reading docs for a different version than the code, which no longer features such a check: http://code.djangoproject.com/changeset/15803

Note: See TracTickets for help on using tickets.
Back to Top