| |
@@ -206,7 +206,7 @@
|
| |
# update callnum (this is deliberately after the commit)
|
| |
# see earlier note near RetryError
|
| |
if callnum is not None:
|
| |
- update = UpdateProcessor('sessions', rawdata={'callnum': callnum},
|
| |
+ update = UpdateProcessor('sessions', data={'callnum': callnum},
|
| |
clauses=['id = %(id)i'], values={'id': id})
|
| |
update.execute()
|
| |
# we only want to commit the callnum change if there are other commits
|
| |
I noticed this when reviewing #3657. The use of rawdata here is not necessary and as such should be avoided for safety.
Note that the existing code is not a security flaw, since the
callnum
value is validated to be an integer above.