handlersearch: Allow all characters by escaping FTS

Escape FTS queries by simply treating everything as string. Though this way a user cannot use operators, it's an improvement over how it was done before. Closes: #7
2021-03-25 21:40:05 +01:00
parent 2aa11fc2b2
commit d507c507e4
3 changed files with 22 additions and 12 deletions
--- a/database/pagedaosqlite.h
+++ b/database/pagedaosqlite.h
@@ -8,6 +8,9 @@
 #include "sqlitedao.h"
 class PageDaoSqlite : public PageDao, protected SqliteDao
 {
+  private:
+	std::string ftsEscape(std::string input);
+
  public:
 	PageDaoSqlite()
 	{