On 22 February 2010 11:56, Aljosa Mohorovic <aljosa.mohoro...@gmail.com>wrote:
> what are security concerns if username is allowed to contain chars > like ".,;-() " and non-ascii alphabet letters? > will orm still properly escape string before querying the database? > > Aljosa > > In short, yes it will. All strings passed through the ORM are correctly escaped (this applies to any and all models). I'm not sure what your reason if for using such characters? Dougal -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
