Opened 4 weeks ago
Closed 4 weeks ago
#36147 closed Uncategorized (needsinfo)
django oracle backend wildcard issue
| Reported by: | Terence Collins | Owned by: | |
|---|---|---|---|
| Component: | Database layer (models, ORM) | Version: | 5.1 |
| Severity: | Normal | Keywords: | oracle, db, backend, % |
| Cc: | Triage Stage: | Unreviewed | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
in django/db/backends/oracle/base.py, in _fix_for_params, line 542:
query %= args
will cause an error if the passed in string using an SQL wildcard, i.e. "custom_value like '%custom_value%'.
This can be avoided by escaping the "%" as "%%", but as this is an underlying function the resultant error can be hard to track down.
Change History (2)
comment:1 by , 4 weeks ago
comment:2 by , 4 weeks ago
| Resolution: | → needsinfo |
|---|---|
| Status: | new → closed |
(We can reopen when we have more details to replicate)
Note:
See TracTickets
for help on using tickets.
Can you give a concrete example of how to reproduce the problem? It sounds like you're writing raw SQL and not escaping it correctly. You recognize that this is your fault but ask if Django could raise a more helpful message. (Please tell me if I misinterpreted.)