Running SQL queries
Visit /dashboard/ to get started. This interface allows you to execute one or more PostgreSQL SQL queries.
Results will be displayed below each query, limited to a maximum of 100 rows.
The queries you have executed are encoded into the URL of the page. This means you can bookmark queries and share those links with other people who can access your dashboard.
Note that the queries in the URL are signed using Django’s SECRET_KEY setting. This means that changing your secret will break your bookmarked URLs.
If your SQL query contains %(name)s parameters, django-sql-dashboard will convert those into form fields on the page and allow users to submit values for them. These will be correctly quoted and escaped in the SQL query.
Given the following SQL query:
select * from blog_entry where slug = %(slug)s
A form field called slug will be displayed, and the user will be able to use that to search for blog entries with that given slug.
Here’s a more advanced example:
select * from location where state_id = cast(%(state_id)s as integer) and name ilike '%%' || %(search)s || '%%';
Here a form will be displayed with state_id and search fields.
The values provided by the user will always be treated like strings - so in this example the state_id is cast to integer in order to be matched with an integer column.
Any % characters - for example in the ilike query above - need to be escaped by providing them twice: %%
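The following is an added example, not code from django-sql-dashboard: a small pre-flight check that lists the form fields a query will produce and flags any % that is neither doubled nor part of a %(name)s parameter. The function name analyze_query, the regular expression and the last two sample queries are assumptions made for illustration.

```python
import re

# Scan one token at a time: an escaped percent (%%), a named
# parameter (%(name)s), or any other "%" that is neither of those.
_TOKEN = re.compile(r"%%|%\((?P<name>\w+)\)s|%")


def analyze_query(sql):
    """Return (field_names, stray_offsets) for a query using %(name)s parameters.

    field_names   - parameter names in order of first appearance, de-duplicated
    stray_offsets - positions of "%" characters that still need doubling
    """
    names, stray = [], []
    for match in _TOKEN.finditer(sql):
        if match.group() == "%%":
            continue  # literal percent, already escaped
        name = match.group("name")
        if name is None:
            stray.append(match.start())  # lone "%": must be written as "%%"
        elif name not in names:
            names.append(name)
    return names, stray


# The first two queries are the ones shown on this page; the last two are constructed.
SIMPLE = "select * from blog_entry where slug = %(slug)s"
ADVANCED = (
    "select * from location where state_id = cast(%(state_id)s as integer) "
    "and name ilike '%%' || %(search)s || '%%';"
)
UNESCAPED = "select * from location where name ilike '%' || %(search)s || '%'"
LITERAL = "select '100%%(approx)s' as label"  # "%%" followed by text, not a parameter

if __name__ == "__main__":
    for sql in (SIMPLE, ADVANCED, UNESCAPED, LITERAL):
        fields, stray = analyze_query(sql)
        print(f"fields={fields} unescaped_percent_at={stray}")
```

Because user-supplied values are bound as parameters rather than pasted into the SQL text, a check like this only ever needs to inspect the query the dashboard author wrote.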