From: Anthony Towns Date: Fri, 21 Dec 2007 09:22:23 +0000 (+0000) Subject: properly escape apostrophes in Uploader: fields X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cb182fca01ecf29916eb95201db7d62ee8631be7;p=dak properly escape apostrophes in Uploader: fields --- diff --git a/dak/process_accepted.py b/dak/process_accepted.py index 7dca0d4d..20aab495 100755 --- a/dak/process_accepted.py +++ b/dak/process_accepted.py @@ -311,13 +311,13 @@ def install (): # Add the src_uploaders to the DB if dsc.get("dm-upload-allowed", "no") == "yes": - uploader_ids = [] + uploader_ids = [maintainer_id] if dsc.has_key("uploaders"): - uploader_ids = [ - daklib.database.get_or_set_maintainer_id( u.strip() ) - for u in dsc["uploaders"].split(",") - ] - uploader_ids.append(maintainer_id) + for u in dsc["uploaders"].split(","): + u = u.replace("'", "\\'") + u = u.strip() + uploader_ids.append( + daklib.database.get_or_set_maintainer_id(u)) for u in uploader_ids: projectB.query("INSERT INTO src_uploaders (source, maintainer) VALUES (currval('source_id_seq'), %d)" % (u))