diff options
author | simo <simo> | 2006-11-23 19:24:08 +0000 |
---|---|---|
committer | simo <simo> | 2006-11-23 19:24:08 +0000 |
commit | 89d6607684a1d28575767a12419b6f652794fc30 (patch) | |
tree | 11a3a1ba498cdb9db6ef18e84b7300f21506836d /tupkg/update/tupkgupdate | |
parent | a103c7b14c2e3b75059d2d813ed1da510f3e3de0 (diff) | |
download | aurweb-89d6607684a1d28575767a12419b6f652794fc30.tar.xz |
sql wansn't escaped on inserting package sources
Diffstat (limited to 'tupkg/update/tupkgupdate')
-rwxr-xr-x | tupkg/update/tupkgupdate | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tupkg/update/tupkgupdate b/tupkg/update/tupkgupdate index 320ccbe..d44a7a3 100755 --- a/tupkg/update/tupkgupdate +++ b/tupkg/update/tupkgupdate @@ -162,7 +162,7 @@ class PackageDatabase: # PackageSources for source in package.sources: q.execute("INSERT INTO PackageSources (PackageID, Source) " + - "VALUES (" + str(id) + ", '" + source + "')") + "VALUES (" + str(id) + ", '" + MySQLdb.escape_string(source) + "')") # PackageDepends for dep in package.depends: depid = self.lookupOrDummy(dep) |