It looks correct to me. RawSQL is defining a parameter to be included in the query. The RawSQL expression itself is used in the select and on the left hand side of the WHERE clause, so the parameter needs to be included there. The right hand side of the WHERE clause is a regular string (which just happens to also be named "value") which Django will always parameterise and has nothing to do with the RawSQL expression itself.
Is there some reason you think there's an issue with the SQL being constructed? On Sunday, 15 April 2018 12:25:48 UTC+10, Maximiliano Robaina wrote: > > Hi, > > Testing expressions test app, the query generated into > BasicExpressionsTests.test_annotate_values_filter method: > > companies = Company.objects.annotate( > foo=RawSQL('%s', ['value']), > ).filter(foo='value').order_by('name') > > Generate: > > 'SELECT "EXPRESSIONS_COMPANY"."ID", "EXPRESSIONS_COMPANY"."NAME", > "EXPRESSIONS_COMPANY"."NUM_EMPLOYEES", "EXPRESSIONS_COMPANY"."NUM_CHAIRS", > "EXPRESSIONS_COMPANY"."CEO_ID", > "EXPRESSIONS_COMPANY"."POINT_OF_CONTACT_ID", ? AS "FOO" FROM > "EXPRESSIONS_COMPANY" WHERE ? = ? ORDER BY "EXPRESSIONS_COMPANY"."NAME" ASC' > > This sql command has 3 params (?), two of which are out of where clause. > > ? AS "FOO" > > WHERE ? = ? > > > So, the underlying database driver execute this, doing something like this > > cursor.execute(sql, ['value', 'value', 'value']) > > Is correct that the 3 params are replaced into the entire sql and not just > on where clause ? > It depend of the implementation on each database driver? > > Best regards > Maxi > > > -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at https://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/d63ac393-8e8f-46f6-93d9-d0d1373da0cd%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.