Fixed #13648 - '%s' escaping support for sqlite3 regression.

Thanks to master for the report and initial patch, and salgado and others for work on the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16209 bcc190cf-cafb-0310-a4f2-bffc1f526a37
django · May 10, 2011 · 724c84f · 724c84f
1 parent 014cc89
commit 724c84f
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 1 deletion.
diff --git a/django/db/backends/sqlite3/base.py b/django/db/backends/sqlite3/base.py
@@ -212,7 +212,7 @@ def close(self):
         if self.settings_dict['NAME'] != ":memory:":
             BaseDatabaseWrapper.close(self)
 
-FORMAT_QMARK_REGEX = re.compile(r'(?![^%])%s')
+FORMAT_QMARK_REGEX = re.compile(r'(?<!%)%s')
 
 class SQLiteCursorWrapper(Database.Cursor):
     """

diff --git a/tests/regressiontests/backends/tests.py b/tests/regressiontests/backends/tests.py
@@ -224,6 +224,20 @@ def receiver(sender, connection, **kwargs):
         self.assertTrue(data == {})
 
 
+class EscapingChecks(TestCase):
+
+    @unittest.skipUnless(connection.vendor == 'sqlite',
+                         "This is a sqlite-specific issue")
+    def test_parameter_escaping(self):
+        #13648: '%s' escaping support for sqlite3
+        cursor = connection.cursor()
+        response = cursor.execute(
+            "select strftime('%%s', date('now'))").fetchall()[0][0]
+        self.assertNotEqual(response, None)
+        # response should be an non-zero integer
+        self.assertTrue(int(response))
+
+
 class BackendTestCase(TestCase):
     def test_cursor_executemany(self):
         #4896: Test cursor.executemany