Merge lp://staging/~pickscrape/bundlebuggy/escape_quotes_on_my_todo_page into lp://staging/bundlebuggy

Proposed by Russ Brown
Status: Needs review
Proposed branch: lp://staging/~pickscrape/bundlebuggy/escape_quotes_on_my_todo_page
Merge into: lp://staging/bundlebuggy
Diff against target: None lines
To merge this branch: bzr merge lp://staging/~pickscrape/bundlebuggy/escape_quotes_on_my_todo_page
Reviewer Review Type Date Requested Status
Aaron Bentley Pending
Review via email: mp+4211@code.staging.launchpad.net
To post a comment you must log in.
Revision history for this message
Russ Brown (pickscrape) wrote :

A colleague (who has an apostrophe in his name) today discovered that the "My Todo" tab would crash for him with a backtrace.

This branch fixes the problem by escaping apostrophes in the submitter name before it is passed into the querying objects. A better fix would involve parameterization, but my available time limited the amount of framework learning I could do in order to get this working.

Hope this is of use.

Unmerged revisions

366. By Russ Brown

Escape quotes in submitters when searching for user requests

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'bundlebuggy/model.py'
2--- bundlebuggy/model.py 2008-07-23 14:29:36 +0000
3+++ bundlebuggy/model.py 2009-03-05 18:05:03 +0000
4@@ -21,6 +21,7 @@
5 BOM_UTF32_BE)
6 from datetime import datetime
7 import re
8+import string
9
10 from bzrlib.errors import (
11 NotAMergeDirective,
12@@ -352,7 +353,7 @@
13
14 @classmethod
15 def user_requests(klass, user):
16- submitter_ids = set_string(s.id for s in user.submitters)
17+ submitter_ids = set_string(string.replace(s.id, "'", "''") for s in user.submitters)
18 return klass.query.filter('mergerequest.submitter_id IN %s' %
19 submitter_ids)
20

Subscribers

People subscribed via source and target branches

to all changes: