From: cantor <cantor@cb58f699-b61c-0410-a6fe-9272a202ed29>
Date: Tue, 26 Feb 2008 19:20:52 +0000 (+0000)
Subject: Update was using unescaped key.
X-Git-Tag: 2.4~539
X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fsp.git;a=commitdiff_plain;h=1ef6f26a463a31a371547f91d3b5766e1d852558

Update was using unescaped key.

git-svn-id: https://svn.middleware.georgetown.edu/cpp-sp/trunk@2747 cb58f699-b61c-0410-a6fe-9272a202ed29
---

diff --git a/odbc-store/odbc-store.cpp b/odbc-store/odbc-store.cpp
index 2fd13c4..4c1ac89 100644
--- a/odbc-store/odbc-store.cpp
+++ b/odbc-store/odbc-store.cpp
@@ -563,7 +563,7 @@ int ODBCStorageService::updateRow(const char *table, const char* context, const
     char *scontext = makeSafeSQL(context);
     char *skey = makeSafeSQL(key);
     string q("SELECT version FROM ");
-    q = q + table + " WHERE context='" + scontext + "' AND id='" + key + "' AND expires > " + timebuf;
+    q = q + table + " WHERE context='" + scontext + "' AND id='" + skey + "' AND expires > " + timebuf;
 
     m_log.debug("SQL: %s", q.c_str());
 
@@ -607,7 +607,7 @@ int ODBCStorageService::updateRow(const char *table, const char* context, const
         q = q + "expires = " + timebuf;
     }
 
-    q = q + " WHERE context='" + scontext + "' AND id='" + key + "'";
+    q = q + " WHERE context='" + scontext + "' AND id='" + skey + "'";
     freeSafeSQL(scontext, context);
     freeSafeSQL(skey, key);