1
0
mirror of https://github.com/django/django.git synced 2025-10-24 06:06:09 +00:00

Fixed a/an typos in "SQL" usage.

This commit is contained in:
Adam Johnson
2020-05-06 05:35:26 +01:00
committed by GitHub
parent aff7a58aef
commit 1c2c6f1b51
7 changed files with 13 additions and 13 deletions

View File

@@ -42,7 +42,7 @@ The name of the constraint.
.. attribute:: ExclusionConstraint.expressions
An iterable of 2-tuples. The first element is an expression or string. The
second element is a SQL operator represented as a string. To avoid typos, you
second element is an SQL operator represented as a string. To avoid typos, you
may use :class:`~django.contrib.postgres.fields.RangeOperators` which maps the
operators with strings. For example::

View File

@@ -338,7 +338,7 @@ The ``Func`` API is as follows:
**extra_context
)
To avoid a SQL injection vulnerability, ``extra_context`` :ref:`must
To avoid an SQL injection vulnerability, ``extra_context`` :ref:`must
not contain untrusted user input <avoiding-sql-injection-in-query-expressions>`
as these values are interpolated into the SQL string rather than passed
as query parameters, where the database driver would escape them.
@@ -353,7 +353,7 @@ assumed to be column references and will be wrapped in ``F()`` expressions
while other values will be wrapped in ``Value()`` expressions.
The ``**extra`` kwargs are ``key=value`` pairs that can be interpolated
into the ``template`` attribute. To avoid a SQL injection vulnerability,
into the ``template`` attribute. To avoid an SQL injection vulnerability,
``extra`` :ref:`must not contain untrusted user input
<avoiding-sql-injection-in-query-expressions>` as these values are interpolated
into the SQL string rather than passed as query parameters, where the database
@@ -1151,12 +1151,12 @@ SQL injection::
template = "%(function)s('%(substring)s' in %(expressions)s)"
def __init__(self, expression, substring):
# substring=substring is a SQL injection vulnerability!
# substring=substring is an SQL injection vulnerability!
super().__init__(expression, substring=substring)
This function generates a SQL string without any parameters. Since ``substring``
is passed to ``super().__init__()`` as a keyword argument, it's interpolated
into the SQL string before the query is sent to the database.
This function generates an SQL string without any parameters. Since
``substring`` is passed to ``super().__init__()`` as a keyword argument, it's
interpolated into the SQL string before the query is sent to the database.
Here's a corrected rewrite::

View File

@@ -1457,7 +1457,7 @@ relation works.
null=True,
)
``on_delete`` doesn't create a SQL constraint in the database. Support for
``on_delete`` doesn't create an SQL constraint in the database. Support for
database-level cascade options :ticket:`may be implemented later <21961>`.
The possible values for :attr:`~ForeignKey.on_delete` are found in

View File

@@ -247,7 +247,7 @@ backends.
``allow_sliced_subqueries_with_in``.
* ``DatabaseOperations.distinct_sql()`` now requires an additional ``params``
argument and returns a tuple of SQL and parameters instead of a SQL string.
argument and returns a tuple of SQL and parameters instead of an SQL string.
* ``DatabaseFeatures.introspected_boolean_field_type`` is changed from a method
to a property.