]> err.no Git - dak/commitdiff
properly escape apostrophes in Uploader: fields
authorAnthony Towns <aj@azure.humbug.org.au>
Fri, 21 Dec 2007 09:22:23 +0000 (09:22 +0000)
committerAnthony Towns <aj@azure.humbug.org.au>
Fri, 21 Dec 2007 09:22:23 +0000 (09:22 +0000)
dak/process_accepted.py

index 7dca0d4db9eb10e6062f5d6fbb47b0b32c82504f..20aab49515e5af6be63497c7578cd749a0465705 100755 (executable)
@@ -311,13 +311,13 @@ def install ():
 
             # Add the src_uploaders to the DB
             if dsc.get("dm-upload-allowed", "no") == "yes":
-                uploader_ids = []
+                uploader_ids = [maintainer_id]
                 if dsc.has_key("uploaders"):
-                    uploader_ids = [
-                        daklib.database.get_or_set_maintainer_id( u.strip() )
-                          for u in dsc["uploaders"].split(",")
-                    ]
-                uploader_ids.append(maintainer_id)
+                   for u in dsc["uploaders"].split(","):
+                       u = u.replace("'", "\\'")
+                       u = u.strip()
+                        uploader_ids.append(
+                           daklib.database.get_or_set_maintainer_id(u))
                 for u in uploader_ids:
                     projectB.query("INSERT INTO src_uploaders (source, maintainer) VALUES (currval('source_id_seq'), %d)" % (u))