tracker: Properly escape SPARQL arguments

author Jens Georg <mail@jensge.org>

Thu, 21 Jul 2011 20:28:42 +0000 (22:28 +0200)

committer Jens Georg <mail@jensge.org>

Thu, 21 Jul 2011 20:45:27 +0000 (22:45 +0200)
author Jens Georg <mail@jensge.org>
Thu, 21 Jul 2011 20:28:42 +0000 (22:28 +0200)
committer Jens Georg <mail@jensge.org>
Thu, 21 Jul 2011 20:45:27 +0000 (22:45 +0200)
diff --git a/src/plugins/tracker/rygel-tracker-metadata-values.vala b/src/plugins/tracker/rygel-tracker-metadata-values.vala

index e97140d..0f41db1 100644 (file)
--- a/src/plugins/tracker/rygel-tracker-metadata-values.vala
+++ b/src/plugins/tracker/rygel-tracker-metadata-values.vala
@@ -178,7 +178,7 @@ public abstract class Rygel.Tracker.MetadataValues : Rygel.SimpleContainer {
      }
  
      protected virtual string create_filter (string variable, string value) {
-        return variable + " = \"" + value + "\"";
+        return variable + " = \"" + Query.escape_string (value) + "\"";
      }
  
      private bool is_our_child (string id) {
author	Jens Georg <mail@jensge.org>
	Thu, 21 Jul 2011 20:28:42 +0000 (22:28 +0200)
committer	Jens Georg <mail@jensge.org>
	Thu, 21 Jul 2011 20:45:27 +0000 (22:45 +0200)