Opened 4 years ago
Closed 4 years ago
#31589 closed Bug (invalid)
Raw queries do not work if any DB content column has the % symbol.
Reported by: | jotauses | Owned by: | nobody |
---|---|---|---|
Component: | Database layer (models, ORM) | Version: | 3.0 |
Severity: | Normal | Keywords: | raw query |
Cc: | Triage Stage: | Unreviewed | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
Only fails if any DB content column has the % symbol.
query_postgresql = """SELECT *, similarity(titulo, '{0}') AS similarity FROM pdc_pdc ORDER BY similarity DESC;""" pdc = Pdc.objects.raw(query_postgresql.format(titulo_infocor))
Column "titulo" content = "This is a test 80%".
Traceback:
File "C:\Users\-----\AppData\Local\Programs\Python\Python38-32\lib\site-packages\django\db\backends\utils.py", line 86, in _execute return self.cursor.execute(sql, params) IndexError: tuple index out of range
Change History (1)
comment:1 by , 4 years ago
Resolution: | → invalid |
---|---|
Status: | new → closed |
Summary: | Raw queries do not work if any DB content column has the % symbol → Raw queries do not work if any DB content column has the % symbol. |
Note:
See TracTickets
for help on using tickets.
My understanding is that you passed
titulo_infocor = "This is a test 80%"
, this is not supported and moreover you’re at risk for SQL injection. Please check Passing parameters into raw() or use one of support channels if you have further questions.