[Changeset] r11925 - in django/branches/soc2009/multidb: django/template docs/topics/db tests/modeltests/raw_query

Sun, 20 Dec 2009 18:01:29 -0800 

Author: Alex
Date: 2009-12-20 20:01:24 -0600 (Sun, 20 Dec 2009)
New Revision: 11925

Added:
   django/branches/soc2009/multidb/tests/modeltests/raw_query/__init__.py
Modified:
   django/branches/soc2009/multidb/django/template/loader.py
   django/branches/soc2009/multidb/docs/topics/db/sql.txt
Log:
[soc2009/multidb] Merged up to trunk r11924.

Modified: django/branches/soc2009/multidb/django/template/loader.py
===================================================================
--- django/branches/soc2009/multidb/django/template/loader.py   2009-12-21 
01:53:39 UTC (rev 11924)
+++ django/branches/soc2009/multidb/django/template/loader.py   2009-12-21 
02:01:24 UTC (rev 11925)
@@ -80,7 +80,7 @@
         module, attr = loader.rsplit('.', 1)
         try:
             mod = import_module(module)
-        except ImportError:
+        except ImportError, e:
             raise ImproperlyConfigured('Error importing template source loader 
%s: "%s"' % (loader, e))
         try:
             TemplateLoader = getattr(mod, attr)

Modified: django/branches/soc2009/multidb/docs/topics/db/sql.txt
===================================================================
--- django/branches/soc2009/multidb/docs/topics/db/sql.txt      2009-12-21 
01:53:39 UTC (rev 11924)
+++ django/branches/soc2009/multidb/docs/topics/db/sql.txt      2009-12-21 
02:01:24 UTC (rev 11925)
@@ -154,13 +154,13 @@
 
     It's tempting to write the above query as::
 
-        >>> query = 'SELECT * FROM myapp_person WHERE last_name = %s', % lname
+        >>> query = 'SELECT * FROM myapp_person WHERE last_name = %s' % lname
         >>> Person.objects.raw(query)
 
     **Don't.**
 
     Using the ``params`` list completely protects you from `SQL injection
-    attacks`__`, a common exploit where attackers inject arbitrary SQL into
+    attacks`__, a common exploit where attackers inject arbitrary SQL into
     your database. If you use string interpolation, sooner or later you'll
     fall victim to SQL injection. As long as you remember to always use the
     ``params`` list you'll be protected.

Added: django/branches/soc2009/multidb/tests/modeltests/raw_query/__init__.py
===================================================================

--

You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en.

Reply via email to