Fixed #12409 -- Corrected some documentation typos in the docs on raw querysets. Also added a missing __init__.py file. Thanks to Alex Gaynor for the reports.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11924 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Russell Keith-Magee 2009-12-21 01:53:39 +00:00
parent c804179126
commit 79d6e402e3
2 changed files with 2 additions and 2 deletions


@ -154,13 +154,13 @@ parameters from the ``params`` list.
It's tempting to write the above query as::
>>> query = 'SELECT * FROM myapp_person WHERE last_name = %s', % lname
>>> query = 'SELECT * FROM myapp_person WHERE last_name = %s' % lname
>>> Person.objects.raw(query)
**Don't.**
Using the ``params`` list completely protects you from `SQL injection
attacks`__`, a common exploit where attackers inject arbitrary SQL into
attacks`__, a common exploit where attackers inject arbitrary SQL into
your database. If you use string interpolation, sooner or later you'll
fall victim to SQL injection. As long as you remember to always use the
``params`` list you'll be protected.
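Review bot: both corrections in this hunk look right, but the surrounding context line "Using the ``params`` list completely protects you from SQL injection" still overstates the guarantee and could be tightened in the same change. Parameter binding protects the values substituted for ``%s``; it does nothing for table or column names or other SQL fragments spliced into the query string, so a wording such as "protects you from SQL injection in the query's parameter values" would be more accurate and still support the "**Don't.**" that follows the ``% lname`` example, which now correctly shows the unsafe pattern without the stray comma.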
