fix: use escape

2019-08-28 00:07:00 +05:30 · 2019-08-28 00:07:00 +05:30 · 3d73ef3c13
commit 3d73ef3c13
parent d944c94d98
1 changed files with 1 additions and 1 deletions
--- a/frappe/patches/v12_0/move_email_and_phone_to_child_table.py
+++ b/frappe/patches/v12_0/move_email_and_phone_to_child_table.py
@ -8,7 +8,7 @@ def execute():

 	name_counter = 100000000
 	for contact_detail in contact_details:
-		contact_name = contact_detail.name.replace('"', '\\"').replace("'", "\\'")
+		contact_name = frappe.db.escape(contact_detail.name)

 		if contact_detail.email_id:
 			frappe.db.sql("""