Skip to content

Commit

Permalink
safe escape table name
Browse files Browse the repository at this point in the history
  • Loading branch information
@fanjinfei
fanjinfei committed May 15, 2017
1 parent 6ddd59e commit 68c65e2
Showing 1 changed file with 5 additions and 3 deletions.
8 changes: 5 additions & 3 deletions ckanext/datastore/logic/action.py
View file
Expand Up @@ -178,12 +178,14 @@ def datastore_trigger_each_row(context, data_dict):

connection = db.get_write_engine().connect()

sql = sqlalchemy.text(u'''update "{0}" set _id=_id '''.format(res_id))
sql = sqlalchemy.text(u'''update {0} set _id=_id '''.format(
datastore_helpers.identifier(res_id)))
try:
results = connection.execute(sql)
except sqlalchemy.exc.DatabaseError as err:
raise ValidationError({
u'records': [_programming_error_summary(err)]})
message = err.args[0].split('\n')[0].decode('utf8')
raise p.toolkit.ValidationError({
u'records': [message.split(u') ', 1)[-1]]})
return results.rowcount


Expand Down

0 comments on commit 68c65e2

Please sign in to comment.