Commit Graph

99 Commits

Author SHA1 Message Date
a3a45ad477 fix(ui): preserve messages in non-chat windows while scrolled
All checks were successful
CI Code / Check spelling (push) Successful in 17s
CI Code / Check coding style (push) Successful in 31s
CI Code / Code Coverage (push) Successful in 2m43s
CI Code / Linux (debian) (push) Successful in 4m33s
CI Code / Linux (ubuntu) (push) Successful in 4m48s
CI Code / Linux (arch) (push) Successful in 5m36s
_win_printf dropped buffer append and render for any window in paged
state, but only WIN_CHAT can recover lost messages via chatwin_db_history()
on scroll-down. WIN_MUC, WIN_PRIVATE and WIN_AI have no such fallback, so
incoming and outgoing messages were silently lost when the user was viewing
history.

Introduce log_database_can_recover_messages() to check whether the DB
backend can replay messages (returns FALSE when PREF_DBLOG is "off",
"redact", or no backend is active). Gate the WIN_CHAT early return in
_win_printf() on this check: when recovery is impossible, fall through
and append to the buffer so messages remain visible on scroll-down.

Add a buffer-bottom reset in win_page_down() for non-chat windows.
WIN_SCROLL_REACHED_BOTTOM is only set on the is_chat DB branch, so
non-chat windows never clear paged on their own; reset paged and
unread_msg when the last line of the buffer reaches the screen.

Add missing scroll rendering for AI windows in the title bar draw
function, ensuring AI windows display their scrolled state consistently
with other window types.

Remove the manual paged/unread_msg reset before printing the user
message in cl_ev_send_ai_msg() -- it was a local workaround for the
same drop and is no longer needed.
2026-05-16 15:47:49 +00:00
3f36c303c2 feat(history): flat-file backend with bidirectional SQLite migration
All checks were successful
CI Code / Check spelling (push) Successful in 21s
CI Code / Check coding style (push) Successful in 31s
CI Code / Code Coverage (push) Successful in 2m21s
CI Code / Linux (ubuntu) (push) Successful in 4m30s
CI Code / Linux (debian) (push) Successful in 6m43s
CI Code / Linux (arch) (push) Successful in 10m8s
A flat-file alternative to the SQLite chatlog backend with runtime
switching, full migration tooling, integrity verification, and a
synthetic load harness. SQLite remains the default; both backends share
one dispatch layer (db_backend_t vtable) so callers don't change.

Storage layout
- Per-contact append-only `flatlog/<account>/<contact>/history.log`
  under XDG_DATA_HOME, one line per message
- Single-line file header with embedded format-version marker
  (FLATFILE_FORMAT_VERSION); reader warns on missing or mismatched
  marker, writer and checker stay in sync via preprocessor
  stringification
- Deterministic key=value metadata (`id`, `aid`, `corrects`, `to`,
  `to_res`, `read`) plus escaped body \u2014 `\|`, `\]`, `\\`, `\n`, `\r`
  literals prevent log injection
- Sparse byte-offset index (FF_INDEX_STEP=500) per contact for
  O(log n) time-range lookups; rebuilt on inode / size / mtime
  change, extended in-place when the file just grew
- Per-contact GHashTable caches for archive_id presence and
  stanza_id \u2192 from_jid mapping (O(1) MAM dedup, O(1) LMC sender
  validation)

Hardening
- Path-traversal protection: JID directory name normalisation
  (`@` \u2192 `_at_`, slashes and `..` rejected at construction); every
  per-contact path is anchored under the account's flatlog/
  directory and validated before open
- Symlink-attack protection: every fopen / open uses O_NOFOLLOW; on
  ELOOP the operation aborts with an error rather than following
- Filesystem permissions: log files created with mode 0600,
  directories with mode 0700; both enforced at creation, verified
  on each open and reported on drift by `/history verify`
- Atomic crash-safe export: write to a temp file via mkstemp (mode
  0600, random suffix, no name collisions between concurrent
  exports), fsync, then rename \u2014 partial state never replaces the
  live file
- Concurrency: advisory flock(LOCK_EX) held for the duration of
  every write, including append from live messages and full rewrite
  from export, so two profanity processes can't interleave bytes
  on the same log
- DoS / abuse guards:
    * FF_MAX_LINE_LEN = 10 MB \u2014 lines longer than this are rejected
      at read with a warning; the parser will not allocate
      unbounded memory for a single record
    * FF_MAX_LMC_DEPTH = 100 \u2014 `corrects:` chain walk stops at this
      depth and emits a warning, preventing a malicious correction
      cycle from spinning the apply pass
    * FF_VERSION_SCAN_MAX = 16 \u2014 header version probe never reads
      past 16 leading comment lines, even on garbage input
    * Empty / inverted byte-range early-return in page-up read path
      so a malformed time filter cannot cause an unbounded scan
    * Zero-entry index guard so a file whose every line failed to
      parse cannot cause a NULL deref on later page-up
- LMC sender validation: an incoming correction whose sender does
  not match the original message's sender is rejected at write
  time and surfaced via cons_show_error; a cycle in the apply pass
  is broken via a visited-set
- jid_create_from_bare_and_resource treats NULL, empty string, and
  the literal "(null)" as no resource and returns a bare jid;
  similar normalisation for barejid eliminates the legacy
  "user@host/(null)" artefact that leaked into stored fulljids
  whenever g_strdup_printf("%s", NULL) ran inside create_fulljid

Commands
- `/history switch sqlite|flatfile` \u2014 runtime backend swap, closes
  the old backend and opens the new one without reconnecting
- `/history export [<jid>]` \u2014 SQLite -> flat-file, merging with any
  existing flatlog (dedup keyed on a SHA-256 hash mixing stanza_id,
  timestamp, from_jid, body \u2014 robust against id reuse by older
  clients)
- `/history import [<jid>]` \u2014 flat-file -> SQLite, same merge
  semantics, runs inside a single SQLite transaction with rollback
  on per-contact failure
- `/history verify [<jid>]` \u2014 integrity check; emits a structured
  list of issues (ERROR / WARNING / INFO) per file:
    * file-level: missing log, wrong permissions (\u2260 0600), UTF-8
      BOM present, CRLF line endings, empty file
    * line-level: invalid UTF-8 (with byte offset), embedded
      control characters, unparsable lines, timestamps out of
      order, duplicate `id:` and `aid:` (tracked separately so a
      stanza/archive id collision isn't double-reported)
    * cross-line: broken `corrects:` references whose target id is
      not present in the file
- `/history backend` \u2014 show currently active backend
- Active backend indicator `[sqlite]` / `[flatfile]` in the status
  bar next to the JID
- Roster-JID autocomplete for verify / export / import
- export and import open a SQLite handle on demand when the
  flatfile backend is currently active, so migration works
  regardless of which backend is live

Tests
- Unit: database_export (parser round-trip, escape/unescape, dedup
  key stability, JID normalisation), database_stress (14 cases
  exercising rapid writes, large messages, deep LMC chains, MAM
  dedup, concurrent contacts)
- Functional: history persistence across reconnects, export /
  import round-trip with content equality, MUC migration,
  timestamp normalisation across timezones
- Bench harness P1\u2013P5 (synthetic load: bulk insert, time-range
  read, page-up scroll, MAM ingest, mixed workload) and failure
  modes F1\u2013F17 (page-up cursor and forward-iteration symmetry,
  oversized lines, MAM dedup, LMC depth and cycles, BOM/CRLF,
  missing log, empty file, mtime+inode flip, broken corrects, etc.)
- All bench tests integrate with the existing make targets and
  emit CSV rows for baseline comparison

Author: jabber.developer2 <jabber.developer2@jabber.space>
Reviewed-by: jabber.developer <jabber.developer@jabber.space>
2026-05-05 19:26:07 +00:00
9ec01fa8cc fix: CWE-134 format string audit and compiler hardening
All checks were successful
CI Code / Check spelling (push) Successful in 20s
CI Code / Check coding style (push) Successful in 36s
CI Code / Code Coverage (push) Successful in 5m38s
CI Code / Linux (ubuntu) (push) Successful in 7m1s
CI Code / Linux (debian) (push) Successful in 7m5s
CI Code / Linux (arch) (push) Successful in 7m19s
Security:
Fix CWE-134 in iq.c: user-controlled string passed as format argument
Add G_GNUC_PRINTF annotations to all variadic printf-like wrappers
in ui.h, log.h and http_common.h
Compiler flags (configure.ac):

Replace basic -Wformat/-Wformat-nonliteral with -Wformat=2
Add -Wextra, -Wnull-dereference, -Wpointer-arith,
-Wimplicit-function-declaration, -Wundef, -Wfloat-equal,
-Wredundant-decls, -Walloc-zero
Add -fstack-protector-strong, -fno-common, -D_FORTIFY_SOURCE=2
Add GCC-specific flags via AC_COMPILE_IFELSE: -Wlogical-op,
-Wduplicated-cond, -Wduplicated-branches, -Wstringop-overflow,
-Warray-bounds=2
Suppress noisy -Wextra sub-warnings: -Wno-unused-parameter,
-Wno-missing-field-initializers, -Wno-sign-compare,
-Wno-cast-function-type
Remove AM_CFLAGS/CFLAGS duplication
Bug fixes found by new warnings:

chatlog.c: non-MUCPM redact path passed resourcepart instead of NULL
rosterwin.c: merge duplicated if/else branches into single condition
omemo.c: redundant else-if in omemo_automatic_start; remove
unnecessary scope block and goto, use early return
console.c: pointer compared to integer 0 instead of NULL
stanza.c: increase pri_str/idle_str buffers from 10 to 12 bytes
(INT_MIN = -2147483648 needs 12 bytes including NUL)
vcard.c: NULL guard for filename before g_file_set_contents
api.c: broken log_warning() calls with extra format argument
Format mismatch fixes:

chatwin.c: Jid* → char* for %s
connection.c: %x → %lx for long flags
cmd_funcs.c: %d → %zu for size_t; cast gpointer to char* for %s
cmd_defs.c: %d → %u for g_list_length() return (guint)
iq.c: barejid → fulljid for from_jid
console.c, mucwin.c, privwin.c, account.c, omemo.c, presence.c:
gpointer → (char*) casts for %s
Const-correctness and cleanup:

database.c: const for type, query, sort variables
form.c/xmpp.h: const for form_set_value parameter
files.c: refactor to early return, eliminating NULL logfile path
muc.c/muc.h: remove meaningless top-level const on return type
common.c: const for URL string literal
Remove stale declarations: cons_show_desktop_prefs (ui.h),
connection_set_priority (connection.h),
omemo_devicelist_configure_and_request (omemo.h)
test_common.c: add currb NULL check to silence -Wnull-dereference
Tooling (check-cwe134.sh):

Reduce from 5 checks to 2 (checks 1-3 redundant with -Wformat=2)
Check 1: verify known wrappers have G_GNUC_PRINTF attribute
Check 2: auto-detect unannotated variadic printf-like functions
Match both const char* and const gchar* in variadic patterns

Author: jabber.developer2 <jabber.developer2@jabber.space>
2026-03-07 11:55:50 +01:00
467222d0ca fix(ui,db): harden NULL handling, fix CWE-134, optimize iterations
Some checks failed
CI Code / Code Coverage (push) Failing after 10m34s
CI Code / Check spelling (push) Failing after 10m47s
CI Code / Check coding style (push) Failing after 11m4s
CI Code / Linux (ubuntu) (push) Failing after 11m19s
CI Code / Linux (debian) (push) Failing after 11m28s
CI Code / Linux (arch) (push) Failing after 11m38s
security(CWE-134): fix format string injections + add CI check
fix(ui): subwindow lifecycle, newwin/newpad guards, fallback timestamps
fix(db): sqlite cleanup on failures, sqlite3_close_v2
fix(xmpp): queued_messages loop, barejid leak
perf(core): g_hash_table_iter_init instead of g_hash_table_get_keys
refactor(ui): CLAMP macro in _check_subwin_width
test: XEP-0012 and XEP-0045 functional tests

Author: jabber.developer2
Closes #58, #85
2026-02-06 19:27:40 +01:00
f824cde45f fix(mam, log): improve datetime handling and memory management in MAM and log fetching
- Introduce static helper `_truncate_datetime_suffix()` to safely trim datetime strings, removing unwanted suffixes like timezone offsets
- Replace manual string management with auto_gchar and g_strdup for safer, clearer ownership and to prevent leaks
- Add safety checks and logging warnings for unexpected datetime string lengths or null pointers
- Refactor _mam_rsm_id_handler to use the helper function and updated string handling
- Change log_database_get_previous_chat parameters for consistent ownership semantics, avoiding double frees and mem leaks
- Overall improve stability and prevent memory leaks during log database queries
2025-07-02 14:59:31 +02:00
40b7a12543 Clarify and improve win_page_up() scrolling offset adjustment for smoother paging
All checks were successful
CI / Check spelling (pull_request) Successful in 17s
CI / Check coding style (pull_request) Successful in 29s
CI / Linux (ubuntu) (pull_request) Successful in 11m6s
CI / Linux (debian) (pull_request) Successful in 13m9s
CI / Linux (fedora) (pull_request) Successful in 15m14s
CI / Linux (arch) (pull_request) Successful in 37m59s
CI / Check spelling (push) Successful in 16s
CI / Check coding style (push) Successful in 32s
CI / Linux (debian) (push) Successful in 9m53s
CI / Linux (ubuntu) (push) Successful in 10m9s
CI / Linux (fedora) (push) Successful in 15m8s
CI / Linux (arch) (push) Successful in 15m28s
This commit refines the existing logic in win_page_up() by:
- Improving comments to clearly explain the rationale behind adjusting
  the scroll offset relative to the first buffer entry’s visual position,
  helping future maintainers understand why this is necessary.
- Fixing offset recalculation to better handle cases where older messages
  with variable heights are loaded from the DB, improving scroll smoothness.
- Changing the logging of negative *page_start values from warning to debug,
  recognizing that this can be a normal scenario when insufficient history is loaded.
- Simplifying some conditionals and renaming variables for clearer intent.

No changes yet applied to win_page_down(), but similar improvements could
be considered in the future.

Overall, this enhances the robustness and user experience of scrolling up
in chat windows, while preserving existing functional logic.
2025-07-01 20:53:18 +02:00
Michael Vetter
07dfeec816 Release 0.15.0 2025-03-27 20:06:38 +01:00
Hanspeter Portner
c804137669 Load resources from chat history db
Fixes: https://github.com/profanity-im/profanity/issues/2012
2025-01-26 20:12:41 +01:00
Michael Vetter
569e37f018 Update copyright to 2024 2024-01-22 16:03:48 +01:00
John Hernandez
4fe2c423b1 Fix overscrolling issue
Before there was a problem of overscrolling:
when messages longer than y axis of the terminal are fetched from the DB,
profanity scroll "jumps" to the top, skipping some messages.

It's resolved by keeping messages' starting and ending line in the
internal profanity buffer, which allows to track proper message positions
and to adjust window position accordingly.

Message size is now tracked as part of the buffer's record in `_line`
variable, which allows calculation of the total buffer size, which
might be a part of the improved solution for the "underscrolling" problem,
if we are going to limit profanity's buffer size by amount of lines as
opposed to the limitation based on the amount of message which is currently
used.

Before adding a limitation by amount of lines, careful consideration is
required, as some users don't use history and their temporary message
history can be cut to minimal limit because of 1 long received/sent message.

Underscrolling problem was fixed in a previous commit
d7e46d64fe
Short recap of the problem:
Despite user scrolling to top/bottom of history,
factual position is offset from the intended location

Another feature of this commit is a minor change which adds fetching
message stanza IDs from the DB. It allows correcting messages
fetched from history.

Fixes https://github.com/profanity-im/profanity/issues/1934
2023-12-21 17:32:30 +01:00
Steffen Jaeckel
847a86de50 add connection_get_jid()
Use a singleton `Jid` inside the connection instead of always re-creating
a `Jid` from the same string.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-12-12 18:26:21 +01:00
John Hernandez
d3566b1203 Do not check for unique stanza-id for MAM messages
Since we might have MAM messages already received earlier
it doesn't make sense to require unique stanza-ids there.
Fix https://github.com/profanity-im/profanity/issues/1925.
2023-11-13 09:34:53 +01:00
John Hernandez
bc38ddf8fa Improve handling of NULL pointers in DB
Fix crash that occurs when message fetched from the database is NULL.

Introduced in this commit
89dc7a46f1

Previous fix attempt
6d17b4eeb5
2023-11-07 14:09:58 +01:00
Steffen Jaeckel
a99dda9a97 Handle potential NULL pointers in database
Follow-up of 89dc7a46f1 resp. #1902

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-11-07 11:27:17 +01:00
Michael Vetter
45fe1be58f Merge pull request #1902 from H3rnand3zzz/feature/improved-history
Change DB structure
2023-11-06 22:41:36 +01:00
Steffen Jaeckel
4c26462827 Ensure instances of auto types are initialized
Follow-up of #1913

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-11-06 22:22:35 +01:00
John Hernandez
89dc7a46f1 Improve Database: Replace Empty Strings with NULL Values
Enhance data consistency by updating the database to treat empty
strings as NULL values. This change simplifies queries and improves
overall database integrity.
2023-11-06 18:20:39 +01:00
John Hernandez
d89b5a04fa Change DB stucture, improve LMC behaviour
**Please, backup your DB before performing any testing.**

Introduce new DB structure and DB migration mechanism.
Index `timestamp`, `to_jid`, `from_jid` columns to improve performance.
Add trigger for `replaced_by_db_id` calculation by DB on message insert.

Now LMC messages are interconnected with original messages,
this way we have fast access to last (hence correct) applicable edits,
as well as reference to the original message from any edit (in case of chained edits).

Change the way LMC messages are being displayed. Now we check if we
can replace a message from current buffer. If we don't have a message in
the buffer, it might've been lost, but we can still display it as a
new message.

Further information available here:
https://github.com/profanity-im/profanity/pull/1893
https://github.com/profanity-im/profanity/issues/1899
https://github.com/profanity-im/profanity/pull/1902
2023-11-03 20:32:01 +01:00
Steffen Jaeckel
1d41a328f1 Fix loading of encryption type
The column of the encryption type in the result is 4, not 3.

Fixup of 6375b2719f

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-10-30 16:06:37 +01:00
Michael Vetter
3bd50fdd6a Unify error logging in database.c
Mentioned in review of:
https://github.com/profanity-im/profanity/pull/1898
2023-10-17 11:28:28 +02:00
John Hernandez
24d0030ecc Check sender for LMC messages
When we received a message correction via `XEP-0308: Last Message Correction`
we accepted the change without checking the sender
making it possible for anybody to replace the message if the ID was known.

This change has been proposed by @jubalh
https://github.com/profanity-im/profanity/pull/1893#issuecomment-1752434740
2023-10-17 11:11:10 +02:00
John Hernandez
403f924462 Add logging to DB message insertion
Add logging for cases when the message is not being inserted in the DB due to its ID.

Make diagnostic of unreliable message history much easier,
lay the groundwork for a fully reliable message history.

Further changes might include insertion of messages with non-unique stanza-id,
but as it's a big change with plentiful issues, decision was made
to further investigate potential causes of history unreliability.

For details see #1893 discussion
2023-10-14 13:29:17 +02:00
Michael Vetter
e853c121d9 Fix my email address
in all files
2023-07-31 16:51:58 +02:00
John Hernandez
029f1caa52 Cleanup jid_destroy to auto_jid
Remove unused variables
Apply minor cleanups
2023-07-13 17:05:07 +02:00
John Hernandez
8304ac86ff g_free() to auto_gfree, introduce auto_guchar
Fix 11 potential mem leaks in theme.c
2023-07-13 17:04:59 +02:00
John Hernandez
e1d137f4e6 Change char->free to auto_char char for autocleanup
Replace `gchar` and `g_free` to `auto_gchar`
Correct certain  `char` functions/variables to `gchar`

Related to #1819.

Edited by @jubalh.
2023-07-11 13:26:37 +02:00
John Hernandez
1c102fec27 Add /privacy logging command
Add ability to completely turn logs off,
Needed since `/logging` and `/history` didn't stop history logging
in the DB, only in files.
Command might break something on usage,
hence it was primarily introduced for privacy geeks.
Privacy command discussion #1836
2023-07-03 16:06:24 +02:00
Steffen Jaeckel
76a8de891e Improve const-correctness of API
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-05-12 08:39:19 +02:00
Steffen Jaeckel
e886ba0c6f fix more memory leaks
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-01-18 20:11:13 +01:00
Michael Vetter
3adc399da0 Update copyright year 2023-01-10 10:37:25 +01:00
Michael Vetter
688191f5e1 Fix merge mistake in database
When doing 3bdc14dbcf I forgot an `,`
before encryption
2022-10-21 16:39:44 +02:00
Michael Vetter
3bdc14dbcf Merge MAM improvements from #1724
I think this PR already solves and improves the MAM situation a lot.

What's @MarcoPolo-PasTonMolo still wanted to do in this branch is:
* MAM for mucs
* Check if url and quotes autocompletion works fine
* Check if the api still works fine
* Resolve conflicts

Conflicts are solved with this commit.

MAM for mucs can be another feature PR.

The rest we can check while being on master. And more people can help
testing.
2022-10-21 13:30:43 +02:00
MarcoPolo-PasTonMolo
4b9ff6d4dc Apply corrections when getting messages from db 2022-08-12 12:13:47 +03:00
MarcoPolo-PasTonMolo
a2f79a19b9 Fix duplicate sent messages in db 2022-07-10 11:17:35 +03:00
MarcoPolo-PasTonMolo
85aaf40432 Have ability to scroll through history even without MAM 2022-07-10 11:17:35 +03:00
MarcoPolo-PasTonMolo
47b3e528e2 Handle scrolling down when buffer fills up 2022-07-10 11:17:35 +03:00
MarcoPolo-PasTonMolo
4d6e95d691 Add loading history message on initial MAM request
This prevents scrolling to top and initiating another MAM request while
still fetching the initial one.
Also free timestamp object in database.c
2022-07-05 11:12:29 +03:00
MarcoPolo-PasTonMolo
6429698f18 Fix initial MAM not displaying
Did this by waiting for a batch of MAM messages to arrive before
prepending them to the buffer. Also limited the number of messages
to fetch to 10 so that the user gets more frequent updates.
2022-07-05 00:06:04 +03:00
MarcoPolo-PasTonMolo
ea83165a35 Get messages from history when scrolling up. 2022-07-03 21:29:36 +03:00
MarcoPolo-PasTonMolo
f0202a2fe0 On new chatwin fetch mam according to guidelines.
Taken from here:
cd3e871e55
2022-07-03 21:23:07 +03:00
Michael Vetter
3d17ecc62b database: remove comment 2022-06-29 15:31:37 +02:00
Michael Vetter
6375b2719f database: retrieve encryption type
When we get a message from the database, also retrieve the encryption
type.
2022-06-29 15:30:54 +02:00
Michael Vetter
dfc51f7ba4 database: unref date 2022-06-29 09:42:54 +02:00
Michael Vetter
31e6b7564e Include xmpp and message header to database.c
That was pulled in through log.h.
2022-06-28 20:08:44 +02:00
Michael Vetter
1330ad4e1e Update copyright year 2022-05-09 15:43:33 +02:00
Steffen Jaeckel
b8e46552bf add files_file_in_account_data_path()
As all parts of the code invoking the `files_get_account_data_path()`
function did the same afterwards, a function has been added with the same
behavior.

1. create path
2. `mkdir` of that path
3. return final path

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-03-13 14:15:02 +01:00
Steffen Jaeckel
9cf78e59d5 auto-format
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-02-01 15:01:28 +01:00
Juraj Mlich
c5b370bffc database.c: fix inserting messages to chat logs if archive_id is empty
The original intention of the code was that in case archive_id is not set, NULL should be inserted. What is
inserted however is an empty string. This causes the condition to not insert messages with non-unique
archive_id insert only one message in total and ignore all further ones (if NULL was there, the condition
would work properly). And this in turn causes chat history not work properly.

This commit makes the SQL condition work properly and therefore fixes chat history.

Fixes #1589.
2021-12-31 17:45:45 +01:00
Michael Vetter
f21595597f Format code correctly 2021-10-05 10:01:27 +02:00
CIacademic
e4d23d9364 Escape all parameters in SQL statements
Some more parameters might contain quotes, so escape all of them
with %q by using sqlite3_mprintf.
2021-06-11 14:16:43 +00:00