Cross posted to django-developers: https://groups.google.com/d/topic/django-developers/sIjOXpbQWZ0/discussion
In the future, please keep the conversation in one place. django-users is fine for asking "is it a bug?" questions. My reply from django-developers: I couldn't find any testing of TruncDay with Value(). Is there a difference between the query you're trying to construct and MyModel.objects.filter(created__lt=timezone.now().date()) ? On Friday, June 2, 2017 at 5:15:23 AM UTC-4, Michal Petrucha wrote: > > On Thu, Jun 01, 2017 at 02:29:17AM -0700, Roshan Raghupathy wrote: > > Hi, > > I came across an issue yesterday. Post on stackoverflow > > < > https://stackoverflow.com/questions/44287443/incorrect-escaping-in-django-sql-query> > > > > > > On further investigation today, I think I found the source of the issue. > > It's this line > > < > https://github.com/django/django/blob/master/django/db/models/functions/datetime.py#L149>. > > > > The parameters which are escaped here are never reverted back to the > > original form. > > I tested a dirty fix by converting all '%%s' to '%s' and the query > worked. > > Should I submit a bug? Has it been submitted already? > > Hi Roshan, > > I just took a quick look, and it seems you are right – in all of the > official backend implementations, the *_trunc_sql only use the second > argument in the right-hand side of string formatting, so this > double-percent escaping appears to be wrong there. > > I did a quick search through the issue tracker, and didn't find > anything about this issue, would you mind submitting a new bug report? > It would be best if you could include a complete minimal example that > we could easily run to reproduce the problem. > > Thanks, > > Michal > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/41b97ade-d732-462f-ae3a-f324866b5418%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
