From 3657c94c57960067451d2ab42b92dc6d5acfa656 Mon Sep 17 00:00:00 2001 From: Mike O'Connor Date: Thu, 14 May 2009 02:28:30 -0400 Subject: [PATCH] escape strings for comments on packages and comment authors dak hates the name "Mike O'Connor". This uses pg.escape_string to make it love my name instead. --- daklib/database.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daklib/database.py b/daklib/database.py index a5255568..0be839b6 100755 --- a/daklib/database.py +++ b/daklib/database.py @@ -907,7 +907,7 @@ def add_new_comment(package, version, comment, author): projectB.query(""" INSERT INTO new_comments (package, version, comment, author) VALUES ('%s', '%s', '%s', '%s') - """ % (package, version, comment, author) ) + """ % (package, version, pg.escape_string(comment), pg.escape_string(author))) return -- 2.39.5