fix(patch): escape special characters in company field

This commit is contained in:
Sahil Khan 2020-06-12 15:16:20 +05:30
parent 86ea75e49e
commit 182c1f860b

View File

@ -7,4 +7,4 @@ def execute():
for entry in doctypes:
if frappe.db.exists('DocType', entry):
frappe.reload_doc('Healthcare', 'doctype', entry)
frappe.db.sql("update `tab{dt}` set company = '{company}' where ifnull(company, '') = ''".format(dt=entry, company=company))
frappe.db.sql("update `tab{dt}` set company = {company} where ifnull(company, '') = ''".format(dt=entry, company=frappe.db.escape(company)))