[dak/master] escape strings for comments on packages and comment authors
dak hates the name "Mike O'Connor". This uses pg.escape_string to make it love
my name instead.
---
daklib/database.py | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/daklib/database.py b/daklib/database.py
index a525556..0be839b 100755
--- a/daklib/database.py
+++ b/daklib/database.py
@@ -907,7 +907,7 @@ def add_new_comment(package, version, comment, author):
projectB.query(""" INSERT INTO new_comments (package, version, comment, author)
VALUES ('%s', '%s', '%s', '%s')
- """ % (package, version, comment, author) )
+ """ % (package, version, pg.escape_string(comment), pg.escape_string(author)))
return
--
1.5.6.5
Reply to: