vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Merge pull request #9 from anandpdoshi/master

Browse source 
Allow db name with $ symbol to be escaped in os.system commands
This commit is contained in:
Rushabh Mehta 2011-08-08 23:14:23 -07:00
commit 4901fe2007
2 changed files with 9 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
cgi-bin/webnotes/model/db_schema.py
View file

@ -358,7 +358,7 @@ class DbManager:
mysql = mysql_path and os.path.join(mysql_path, 'mysql') or 'mysql'
try:
ret = os.system("%s -u root -p%s %s < %s"%(mysql, root_password.replace(" ", "\ "), target, source))
ret = os.system("%s -u root -p%s %s < %s"%(mysql, root_password.replace(" ", "\ "), target.replace("$", "\$"), source))
except Exception,e:
raise e

10
cgi-bin/webnotes/profile.py
View file

@ -150,10 +150,16 @@ class Profile:
# get profile
profile = webnotes.conn.sql("SELECT name, email, first_name, last_name FROM tabProfile WHERE name=%s OR email=%s",(self.name, self.name))
profile_cols = [desc[0] for desc in webnotes.conn.sql("DESCRIBE tabProfile")]
if not profile:
raise Exception, "Profile %s not found" % self.name
elif 'registered' in profile_cols:
if not webnotes.conn.sql("SELECT registered FROM tabProfile WHERE name=%s", self.name)[0][0]:
# if an unregistered user tries to reset password
raise Exception, "You cannot reset your password as you have not completed registration. You need to complete registration using the link provided in the email."
# update tab Profile
webnotes.conn.sql("UPDATE tabProfile SET password=password(%s) WHERE name=%s", (pwd, profile[0][0]))