fix(core): escape quotes before sending SQL queries

Fixes #5010
This commit is contained in:
Francis Lachapelle
2020-04-23 13:49:15 -04:00
parent 1801d0d60f
commit 04a6217512
+1 -1
View File
@@ -118,7 +118,7 @@
if ([val isKindOfClass:[NSNumber class]])
qValue = [val stringValue];
else if ([val isKindOfClass:[NSString class]]) {
qValue = [NSString stringWithFormat: @"'%@'", val];
qValue = [NSString stringWithFormat: @"'%@'", [val stringByReplacingString: @"'" withString: @"\\'"]];
}
else {
qValue = @"NULL";