From a41f9323ea5b86be6d2139a927586630b222af68 Mon Sep 17 00:00:00 2001
From: Artem Tarasov
Date: Mon, 22 Jun 2015 00:30:50 +0300
Subject: escape docs query

---
 wqflask/wqflask/docs.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/wqflask/wqflask/docs.py b/wqflask/wqflask/docs.py
index 07b0b81a..a8363a1f 100755
--- a/wqflask/wqflask/docs.py
+++ b/wqflask/wqflask/docs.py
@@ -8,9 +8,9 @@ class Docs(object):
         sql = """
             SELECT Docs.title, Docs.content
             FROM Docs
-            WHERE Docs.entry LIKE '%s'
+            WHERE Docs.entry LIKE %s
             """
-        result = g.db.execute(sql % (entry)).fetchone()
+        result = g.db.execute(sql, str(entry)).fetchone()
         self.entry = entry
         self.title = result[0]
         self.content = result[1]
-- 
cgit v1.2.3