Use parameter binding for all queries (#387)

2025-12-18 04:44:37 +03:00 · 2020-03-02 23:18:14 +01:00
parent 97ab40595e
commit 80a8d2de97
6 changed files with 15 additions and 28 deletions
--- a/pkg/models/querybuilder_gallery.go
+++ b/pkg/models/querybuilder_gallery.go
@@ -119,7 +119,9 @@ func (qb *GalleryQueryBuilder) Query(findFilter *FindFilterType) ([]*Gallery, in

 	if q := findFilter.Q; q != nil && *q != "" {
 		searchColumns := []string{"galleries.path", "galleries.checksum"}
-		whereClauses = append(whereClauses, getSearch(searchColumns, *q))
+		clause, thisArgs := getSearchBinding(searchColumns, *q, false)
+		whereClauses = append(whereClauses, clause)
+		args = append(args, thisArgs...)
 	}

 	sortAndPagination := qb.getGallerySort(findFilter) + getPagination(findFilter)