Update was using unescaped key.

author cantor <cantor@cb58f699-b61c-0410-a6fe-9272a202ed29>

Tue, 26 Feb 2008 19:20:52 +0000 (19:20 +0000)

committer cantor <cantor@cb58f699-b61c-0410-a6fe-9272a202ed29>

Tue, 26 Feb 2008 19:20:52 +0000 (19:20 +0000)
author cantor <cantor@cb58f699-b61c-0410-a6fe-9272a202ed29>
Tue, 26 Feb 2008 19:20:52 +0000 (19:20 +0000)
committer cantor <cantor@cb58f699-b61c-0410-a6fe-9272a202ed29>
Tue, 26 Feb 2008 19:20:52 +0000 (19:20 +0000)
diff --git a/odbc-store/odbc-store.cpp b/odbc-store/odbc-store.cpp

index 2fd13c4..4c1ac89 100644 (file)
--- a/odbc-store/odbc-store.cpp
+++ b/odbc-store/odbc-store.cpp
@@ -563,7 +563,7 @@ int ODBCStorageService::updateRow(const char *table, const char* context, const
      char *scontext = makeSafeSQL(context);
      char *skey = makeSafeSQL(key);
      string q("SELECT version FROM ");
-    q = q + table + " WHERE context='" + scontext + "' AND id='" + key + "' AND expires > " + timebuf;
+    q = q + table + " WHERE context='" + scontext + "' AND id='" + skey + "' AND expires > " + timebuf;
  
      m_log.debug("SQL: %s", q.c_str());
  
@@ -607,7 +607,7 @@ int ODBCStorageService::updateRow(const char *table, const char* context, const
          q = q + "expires = " + timebuf;
      }
  
-    q = q + " WHERE context='" + scontext + "' AND id='" + key + "'";
+    q = q + " WHERE context='" + scontext + "' AND id='" + skey + "'";
      freeSafeSQL(scontext, context);
      freeSafeSQL(skey, key);
author	cantor <cantor@cb58f699-b61c-0410-a6fe-9272a202ed29>
	Tue, 26 Feb 2008 19:20:52 +0000 (19:20 +0000)
committer	cantor <cantor@cb58f699-b61c-0410-a6fe-9272a202ed29>
	Tue, 26 Feb 2008 19:20:52 +0000 (19:20 +0000)