diff options
| author | David Smith <smithdc@gmail.com> | 2025-07-25 10:24:17 +0100 |
|---|---|---|
| committer | nessita <124304+nessita@users.noreply.github.com> | 2025-08-25 10:51:10 -0300 |
| commit | f81e6e3a53ee36e3f730a71aa55a5744982dd016 (patch) | |
| tree | 44a4fdd64e2d1489d80b1af8bd1ac3c7af3ad0dd /docs/topics/db/sql.txt | |
| parent | 4286a23df64f6ce3b9b6ed097f4d1aac7d9e0de4 (diff) | |
Refs #36485 -- Rewrapped docs to 79 columns line length.
Lines in the docs files were manually adjusted to conform to the
79 columns limit per line (plus newline), improving readability and
consistency across the content.
Diffstat (limited to 'docs/topics/db/sql.txt')
| -rw-r--r-- | docs/topics/db/sql.txt | 21 |
1 files changed, 11 insertions, 10 deletions
diff --git a/docs/topics/db/sql.txt b/docs/topics/db/sql.txt index 4504eb6fce..6aafa2c3b5 100644 --- a/docs/topics/db/sql.txt +++ b/docs/topics/db/sql.txt @@ -49,7 +49,8 @@ This method takes a raw SQL query, executes it, and returns a can be iterated over like a normal :class:`~django.db.models.query.QuerySet` to provide object instances. -This is best illustrated with an example. Suppose you have the following model:: +This is best illustrated with an example. Suppose you have the following +model:: class Person(models.Model): first_name = models.CharField(...) @@ -93,13 +94,13 @@ make it very powerful. .. warning:: - If you are performing queries on MySQL, note that MySQL's silent type coercion - may cause unexpected results when mixing types. If you query on a string - type column, but with an integer value, MySQL will coerce the types of all values - in the table to an integer before performing the comparison. For example, if your - table contains the values ``'abc'``, ``'def'`` and you query for ``WHERE mycolumn=0``, - both rows will match. To prevent this, perform the correct typecasting - before using the value in a query. + If you are performing queries on MySQL, note that MySQL's silent type + coercion may cause unexpected results when mixing types. If you query on a + string type column, but with an integer value, MySQL will coerce the types + of all values in the table to an integer before performing the comparison. + For example, if your table contains the values ``'abc'``, ``'def'`` and you + query for ``WHERE mycolumn=0``, both rows will match. To prevent this, + perform the correct typecasting before using the value in a query. Mapping query fields to model fields ------------------------------------ @@ -302,8 +303,8 @@ For example:: To protect against SQL injection, you must not include quotes around the ``%s`` placeholders in the SQL string. -Note that if you want to include literal percent signs in the query, you have to -double them in the case you are passing parameters:: +Note that if you want to include literal percent signs in the query, you have +to double them in the case you are passing parameters:: cursor.execute("SELECT foo FROM bar WHERE baz = '30%'") cursor.execute("SELECT foo FROM bar WHERE baz = '30%%' AND id = %s", [self.id]) |