| author | Rob Hudson | 2008-09-24 16:23:01 -0700 | 
|---|---|---|
| committer | Rob Hudson | 2008-09-24 16:23:01 -0700 | 
| commit | 85d879803c88aa036934d36977a10b5d28b70aaa (patch) | |
| tree | 3314e883ea5d9226a560ecaf5b9d251223d08334 /debug_toolbar/panels/sql.py | |
| parent | c70de6b2d3e2fd3d3bfa5cc15c7dfd4903aa1991 (diff) | |
Adding a SHA-1 hash to the parameters passed to get the EXPLAIN query to avoid
any sort of tampering of the SQL or parameters.
Diffstat (limited to 'debug_toolbar/panels/sql.py')
| -rw-r--r-- | debug_toolbar/panels/sql.py | 7 | 
1 files changed, 5 insertions, 2 deletions
| diff --git a/debug_toolbar/panels/sql.py b/debug_toolbar/panels/sql.py
index 9223cb7..22d65a7 100644
--- a/debug_toolbar/panels/sql.py
+++ b/debug_toolbar/panels/sql.py
@@ -1,9 +1,11 @@
 import time
 from debug_toolbar.panels import DebugPanel
+from django.conf import settings
 from django.db import connection
 from django.db.backends import util
 from django.template.loader import render_to_string
 from django.utils import simplejson
+from django.utils.hashcompat import sha_constructor
 class DatabaseStatTracker(util.CursorDebugWrapper):
     """
@@ -26,7 +28,8 @@ class DatabaseStatTracker(util.CursorDebugWrapper):
                 'sql': self.db.ops.last_executed_query(self.cursor, sql, params),
                 'time': stop - start,
                 'raw_sql': sql,
-                'params': _params
+                'params': _params,
+                'hash': sha_constructor(settings.SECRET_KEY + sql + _params).hexdigest(),
             })
 util.CursorDebugWrapper = DatabaseStatTracker
@@ -37,7 +40,7 @@ class SQLDebugPanel(DebugPanel):
     """
     name = 'SQL'
     has_content = True
-    
+
     def __init__(self):
         self._offset = len(connection.queries)
         self._sql_time = 0 |
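Review bot: The tag added in the second hunk, `sha_constructor(settings.SECRET_KEY + sql + _params)`, is a secret-prefix SHA-1 over two fields joined without a separator, so it neither resists length extension nor binds where `sql` ends and `_params` begins: different (sql, params) pairs with the same concatenation share one hash. A keyed MAC over a length-delimited message closes both gaps, e.g. `import hmac` at the top and `'hash': hmac.new(settings.SECRET_KEY, '%d:%s%s' % (len(sql), sql, _params), digestmod).hexdigest(),` with `digestmod` set to the SHA-1 implementation the project already supports. The enclosing method starts and ends outside the hunk, and the code that verifies the hash is not part of this diff; it would need the same construction and, ideally, a constant-time comparison. If `sql` can be a unicode string with non-ASCII characters, the bytes being hashed should be encoded explicitly first.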
