@@ -17,12 +17,14 @@ class SQLSelectForm(forms.Form):
1717 """
1818 Validate params
1919
20- sql: urlencoded sql with positional arguments
20+ sql: The sql statement with interpolated params
21+ raw_sql: The sql statement with placeholders
2122 params: JSON encoded parameter values
2223 duration: time for SQL to execute passed in from toolbar just for redisplay
2324 hash: the hash of (secret + sql + params) for tamper checking
2425 """
2526 sql = forms .CharField ()
27+ raw_sql = forms .CharField ()
2628 params = forms .CharField ()
2729 alias = forms .CharField (required = False , initial = 'default' )
2830 duration = forms .FloatField ()
@@ -39,8 +41,8 @@ def __init__(self, *args, **kwargs):
3941 for name in self .fields :
4042 self .fields [name ].widget = forms .HiddenInput ()
4143
42- def clean_sql (self ):
43- value = self .cleaned_data ['sql ' ]
44+ def clean_raw_sql (self ):
45+ value = self .cleaned_data ['raw_sql ' ]
4446
4547 if not value .lower ().strip ().startswith ('select' ):
4648 raise ValidationError ("Only 'select' queries are allowed." )
@@ -72,8 +74,7 @@ def clean_hash(self):
7274 return hash
7375
7476 def reformat_sql (self ):
75- sql , params = self .cleaned_data ['sql' ], self .cleaned_data ['params' ]
76- return reformat_sql (self .cursor .db .ops .last_executed_query (self .cursor , sql , params ))
77+ return reformat_sql (self .cleaned_data ['sql' ])
7778
7879 def make_hash (self , data ):
7980 params = force_text (settings .SECRET_KEY ) + data ['sql' ] + data ['params' ]
0 commit comments