Escape characters in tags

eb26a9e9 · Dariusz Kędzierski · b7d73ab9 · eb26a9e9 · eb26a9e9 · eb26a9e9
Commit eb26a9e9 authored 4 years ago by Dariusz Kędzierski
--- a/hive/indexer/post_data_cache.py
+++ b/hive/indexer/post_data_cache.py
 import logging
+from hive.utils.normalize import escape_characters
 from hive.db.adapter import Db

 log = logging.getLogger(__name__)
 DB = Db.instance()

-def escape_characters(text):
-    """ Escape special charactes """
-    ret = str(text)
-    ret = ret.replace("\\", "\\\\")
-    ret = ret.replace("'", "''")
-    ret = ret.replace("%", '%%')
-    ret = ret.replace("_", "\\_")
-    ret = ret.replace(":", "\\:")
-    return ret
-
 class PostDataCache(object):
    """ Procides cache for DB operations on post data table in order to speed up initial sync """
    _data = {}

--- a/hive/indexer/tags.py
+++ b/hive/indexer/tags.py
@@ -4,6 +4,8 @@ from hive.db.adapter import Db
 log = logging.getLogger(__name__)
 DB = Db.instance()

+from hive.utils.normalize import escape_characters
+
 class Tags(object):
    """ Tags cache """
    _tags = []
@@ -24,7 +26,7 @@ class Tags(object):
            """
            values = []
            for tag in cls._tags:
-                values.append("('{}')".format(tag[1]))
+                values.append("('{}')".format(escape_characters(tag[1])))
            sql += ",".join(values)
            sql += " ON CONFLICT DO NOTHING;"

@@ -35,7 +37,7 @@ class Tags(object):
            """
            values = []
            for tag in cls._tags:
-                values.append("({}, (SELECT id FROM hive_tag_data WHERE tag='{}'))".format(tag[0], tag[1]))
+                values.append("({}, (SELECT id FROM hive_tag_data WHERE tag='{}'))".format(tag[0], escape_characters(tag[1])))
            sql += ",".join(values)
            sql += " ON CONFLICT DO NOTHING"
            DB.query(sql)

--- a/hive/utils/normalize.py
+++ b/hive/utils/normalize.py
@@ -13,6 +13,16 @@ NAI_MAP = {
    '@@000000037': 'VESTS',
 }

+def escape_characters(text):
+    """ Escape special charactes """
+    ret = str(text)
+    ret = ret.replace("\\", "\\\\")
+    ret = ret.replace("'", "''")
+    ret = ret.replace("%", '%%')
+    ret = ret.replace("_", "\\_")
+    ret = ret.replace(":", "\\:")
+    return ret
+
 def vests_amount(value):
    """Returns a decimal amount, asserting units are VESTS"""
    return parse_amount(value, 'VESTS')