[Getan-commits] [PATCH 05 of 16] Correctly escape sql query
Wald Commits
scm-commit at wald.intevation.org
Mon Mar 3 15:00:36 CET 2014
# HG changeset patch
# User Björn Ricks <bjoern.ricks at intevation.de>
# Date 1393852950 -3600
# Node ID f581752317fd9e6db32915fffdf36325731d6160
# Parent c97a4b6a688740bb69edeef159d27b19db80ce87
Correctly escape sql query
diff -r c97a4b6a6887 -r f581752317fd getan/backend.py
--- a/getan/backend.py Mon Mar 03 11:38:23 2014 +0100
+++ b/getan/backend.py Mon Mar 03 14:22:30 2014 +0100
@@ -64,7 +64,7 @@
FROM
entries
WHERE
- project_id = %i
+ project_id = :project_id
ORDER BY
id
DESC
@@ -160,7 +160,8 @@
cur = None
try:
cur = self.con.cursor()
- cur.execute(LOAD_PROJECT_ENTRIES % project_id)
+ cur.execute(LOAD_PROJECT_ENTRIES,
+ {"project_id": project_id})
entries = []
while True:
More information about the Getan-commits
mailing list