Commit 7bf3ba0d authored by petedmarsh, committed by Tim Graham

Fixed #26899 -- Documented why RawSQL params is a required parameter.

parent ca32979c
...@@ -459,7 +459,9 @@ should avoid them if possible. ...@@ -459,7 +459,9 @@ should avoid them if possible.
You should be very careful to escape any parameters that the user can You should be very careful to escape any parameters that the user can
control by using ``params`` in order to protect against :ref:`SQL injection control by using ``params`` in order to protect against :ref:`SQL injection
attacks <sql-injection-protection>`. attacks <sql-injection-protection>`. ``params`` is a required argument to
force you to acknowledge that you're not interpolating your SQL with user
provided data.
.. currentmodule:: django.db.models .. currentmodule:: django.db.models
......
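Review bot: The added sentence following the ``sql-injection-protection`` reference says ``params`` is required but does not say what to pass when the SQL contains no placeholders, so a reader could conclude that every ``RawSQL`` call must carry user data. Consider stating that case explicitly (for example, that an empty list is passed), and hyphenate "user provided data" as "user-provided data".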