From 7fc1c2f25f19b2832c456b2c03375cf65233ec68 Mon Sep 17 00:00:00 2001
From: Noah Levitt <nlevitt@archive.org>
Date: Thu, 21 Sep 2017 12:16:25 -0700
Subject: [PATCH] escape strings in sql posted to trough

---
 .../org/archive/modules/postprocessor/TroughCrawlLogFeed.java  | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/contrib/src/main/java/org/archive/modules/postprocessor/TroughCrawlLogFeed.java b/contrib/src/main/java/org/archive/modules/postprocessor/TroughCrawlLogFeed.java
index c142523d3..d35e90190 100644
--- a/contrib/src/main/java/org/archive/modules/postprocessor/TroughCrawlLogFeed.java
+++ b/contrib/src/main/java/org/archive/modules/postprocessor/TroughCrawlLogFeed.java
@@ -27,6 +27,7 @@
 
 import org.apache.commons.collections.Closure;
 import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.commons.lang.StringUtils;
 import org.apache.http.HttpResponse;
 import org.apache.http.client.methods.HttpPost;
@@ -178,7 +179,7 @@ protected String sqlValue(Object o) {
         } else if (o instanceof Number) {
             return o.toString();
         } else {
-            return "'" + o + "'";
+            return "'" + StringEscapeUtils.escapeSql(o.toString()) + "'";
         }
     }