mirror of
https://github.com/moltbot/moltbot.git
synced 2026-04-23 14:45:46 +00:00
f7866c1c15
The contacts search passed user input directly into a LIKE pattern without escaping % and _ characters, causing them to act as SQL wildcards and return incorrect results. Add an escapeLikePattern() helper that escapes \, %, and _ with a backslash, and add ESCAPE '\' to the selection clause so SQLite treats them as literal characters. Made-with: Cursor