- projectB.query(""" INSERT INTO new_comments (package, version, comment, author)
- VALUES ('%s', '%s', '%s', '%s')
- """ % (package, version, comment, author) )
+ projectB.query(""" INSERT INTO new_comments (package, version, comment, author, trainee)
+ VALUES ('%s', '%s', '%s', '%s', '%s')
+ """ % (package, version, pg.escape_string(comment), pg.escape_string(author), trainee))