debian/midori
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Escape page uri and title when inserting into database

Browse source
This commit is contained in:
Christian Dywan 2008-12-06 14:35:54 +01:00
parent 6f4b895dfb
commit 3cbe78e5ee
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
midori/main.c
View file

@ -716,13 +716,13 @@ midori_history_add_item_cb (KatzeArray* array,
return;
}
}
sqlcmd = g_strdup_printf ("INSERT INTO history VALUES"
"('%s', '%s', %" G_GUINT64_FORMAT ", -1)",
sqlcmd = sqlite3_mprintf ("INSERT INTO history VALUES"
"('%q', '%q', %" G_GUINT64_FORMAT ", -1)",
katze_item_get_uri (item),
katze_item_get_name (item),
katze_item_get_added (item));
success = db_exec (db, sqlcmd, &error);
g_free (sqlcmd);
sqlite3_free (sqlcmd);
if (!success)
{
g_printerr (_("Failed to add history item: %s\n"), error->message);