[GTALUG] capturing the output of any program and inserting in db

Jamon Camisso jamon.camisso at utoronto.ca
Wed Oct 29 17:43:55 UTC 2014


On 2014-10-29 1:37 PM, Myles Braithwaite wrote:
> Jamon Camisso wrote:
>> What if $MESSAGE == 'foo); DELETE FROM log;'
> 
> Fixed:
> 
> #!/bin/bash
> CLEAN_MESSAGE="${MESSAGE//\;/}"
> sqlite3 log.db "INSERT INTO log (message) VALUES ('$CLEAN_MESSAGE');"

Better, but what about:

MESSAGE="foo\u003B DELETE FROM log\u003B"


More information about the talk mailing list