Fix a regression with executing SQL containing '%' characters.

Review Request #11106 — Created July 30, 2020 and submitted

Information

Django Evolution
master

Reviewers

The new code for normalizing SQL statements and executing them ensured
that the parameters passed in to cursor.execute() was always a
tuple, even if empty. This wasn't correct, since it would trigger an
attempt at string interpolation any time the SQL contained a %
character (such as in a LIKE 'prefix%' condition).

Normally, it'd be up to the caller to either escape the %, or to
provide None as parameters to the statement. These were, in fact,
None, and we were converting tha to an empty tuple. This change
fixes this behavior so that we preserve the type of the parameters
provided by the caller.

Unit tests pass on all supported versions of Django and on all
databases.

Encountered this with the upcoming work on constraint support. Verified
that this no longer triggered crashes executing SQL.

Summary ID
Fix a regression with executing SQL containing '%' characters.
The new code for normalizing SQL statements and executing them ensured that the parameters passed in to `cursor.execute()` was always a tuple, even if empty. This wasn't correct, since it would trigger an attempt at string interpolation any time the SQL contained a `%` character (such as in a `LIKE 'prefix%'` condition). Normally, it'd be up to the caller to either escape the `%`, or to provide `None` as parameters to the statement. These were, in fact, `None`, and we were converting tha to an empty tuple. This change fixes this behavior so that we preserve the type of the parameters provided by the caller.
0bce8997f5d4a57d3ae95c31a9236de0d4aa6105
david
  1. Ship It!
  2. 
      
chipx86
Review request changed
Status:
Completed
Change Summary:
Pushed to master (8abff18)