First time here? Check out the FAQ!
Ask Your Question
1

Exceptions if apostrophe's in the title

Looking at the log file for askbot, I noticed that an exception is raised when someone puts an apostrophe in the title.

Looks like this is due to the pre-search query executed on psql. Probably because the apostrophe isn't escaped.

Note that the user of the system doesn't get an exception, so that's transparent to them. I think the only issue might be that the pre-search really isn't running at that point.

Here is a trace:

/usr/local/lib/python2.6/site-packages/askbot-0.6.82-py2.6.egg/askbot/middleware/pagesize.py TIME: 2011-05-17 09:14:28,255
 MSG: pagesize.py:process_exception:44 <class 'psycopg2.programmingerror'="">
/usr/local/lib/python2.6/site-packages/askbot-0.6.82-py2.6.egg/askbot/middleware/pagesize.py TIME: 2011-05-17 09:14:28,256
 MSG: pagesize.py:process_exception:45 syntax error in tsquery: "'No&BSP's&for&th'"

/usr/local/lib/python2.6/site-packages/askbot-0.6.82-py2.6.egg/askbot/middleware/pagesize.py TIME: 2011-05-17 09:14:29,252
 MSG: pagesize.py:process_exception:43   File "/usr/local/lib/python2.6/site-packages/django/core/handlers/base.py", line 99, in get_response
    response = callback(request, *callback_args, **callback_kwargs)
  File "/usr/local/lib/python2.6/site-packages/askbot-0.6.82-py2.6.egg/askbot/utils/decorators.py", line 56, in wrapper
    return view_func(request, *args, **kwargs)
  File "/usr/local/lib/python2.6/site-packages/askbot-0.6.82-py2.6.egg/askbot/views/commands.py", line 444, in api_get_questions
    for question in questions:
  File "/usr/local/lib/python2.6/site-packages/django/db/models/query.py", line 107, in _result_iter
    self._fill_cache()
  File "/usr/local/lib/python2.6/site-packages/django/db/models/query.py", line 696, in _fill_cache
    self._result_cache.append(self._iter.next())
  File "/usr/local/lib/python2.6/site-packages/django/db/models/query.py", line 239, in iterator
    for row in self.query.results_iter():
  File "/usr/local/lib/python2.6/site-packages/django/db/models/sql/query.py", line 284, in results_iter
    for rows in self.execute_sql(MULTI):
  File "/usr/local/lib/python2.6/site-packages/django/db/models/sql/query.py", line 2347, in execute_sql
    cursor.execute(sql, params)
  File "/usr/local/lib/python2.6/site-packages/django/db/backends/util.py", line 19, in execute
    return self.cursor.execute(sql, params)

/usr/local/lib/python2.6/site-packages/askbot-0.6.82-py2.6.egg/askbot/middleware/pagesize.py TIME: 2011-05-17 09:14:29,253
 MSG: pagesize.py:process_exception:44 <class 'psycopg2.programmingerror'="">
/usr/local/lib/python2.6/site-packages/askbot-0.6.82-py2.6.egg/askbot/middleware/pagesize.py TIME: 2011-05-17 09:14:29,253
 MSG: pagesize.py:process_exception:45 syntax error in tsquery: "'No&BSP's&for&this'"
Evgeny's avatar
13.2k
Evgeny
updated 2011-05-17 17:30:30 -0600
Benoit's avatar
875
Benoit
asked 2011-05-17 09:24:27 -0600
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

Fixed in 0.6.87. Thanks for the catch!

Evgeny's avatar
13.2k
Evgeny
answered 2011-05-17 17:31:04 -0600
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments