diff options
| author | Eugeniy Mikhailov <evgmik@gmail.com> | 2011-01-21 11:58:30 -0500 |
|---|---|---|
| committer | Eugeniy Mikhailov <evgmik@gmail.com> | 2011-01-21 11:58:30 -0500 |
| commit | fad2f8eed4ecbc852a647554c2731e8cb34e2b0e (patch) | |
| tree | 07590d75ba67ee2f60490281bac875a81ca0bba0 | |
| parent | 32206ab9049028cfe936b3a55eb14f0536bbc615 (diff) | |
| download | GradeBook-fad2f8eed4ecbc852a647554c2731e8cb34e2b0e.tar.gz GradeBook-fad2f8eed4ecbc852a647554c2731e8cb34e2b0e.zip | |
validating incoming column names
Ignore-this: c7216f71aedb589be51264c5b2ca883b
darcs-hash:20110121165830-067c0-dd84a6c133493369d1e17ec8e486778578bafaef.gz
| -rwxr-xr-x | GradeBook.tcl | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/GradeBook.tcl b/GradeBook.tcl index fed35a8..0f46d49 100755 --- a/GradeBook.tcl +++ b/GradeBook.tcl @@ -448,6 +448,10 @@ proc UpdateColumn { permission_list user } { set column_category [::ncgi::value category {}] set maxpointpossible [::ncgi::value maxpointpossible {}] + # transform colnames to sql safe form + set oldcolumnname [ColName2SqlSafeForm $oldcolumnname] + set newcolumnname [ColName2SqlSafeForm $newcolumnname] + # first we update category and maxpointpossible values of the old columnname UpdateColValue4UserNameNonWeb $oldcolumnname _Col_Category_ $column_category UpdateColValue4UserNameNonWeb $oldcolumnname _Max_Points_ $maxpointpossible @@ -653,6 +657,7 @@ proc AddColumn { permission_list user } { set columnname2add [::ncgi::value columnname2add {}] set column_category [::ncgi::value column_category {}] set maxpointpossible [::ncgi::value maxpointpossible {}] + set columnname2add [ColName2SqlSafeForm $columnname2add] AddColumnNonWeb $columnname2add $column_category $maxpointpossible } |