id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
6343	% symbols not escaped in db_column column names when preparing queries	Daniel Pope <dan@…>	nobody	"Using {{{%}}} in database column names (specified using {{{db_column}}}) causes the database wrapper to fail when preparing queries.

This is because the {{{%}}} symbol is not properly quoted (as {{{%%}}}), and conflicts with the usage of {{{%s}}} for passing parameters to queries.

I am attaching a patch for the MySQL backend where I encountered the issue; I'm not sure if other backends exhibit this bug because it presumably depends both on whether the database's native capability to support {{{%}}} characters in column names, and on the [http://www.python.org/dev/peps/pep-0249/ Python DB-API] {{{paramstyle}}}."	Bug	new	Database layer (models, ORM)	dev	Normal				Accepted	1	0	1	0	0	0