CascadesCarnivoreProject / Carnassial

Carnassial: Simplifying Remote Camera Data

data: custom filter SQL injection #54

Closed twest820 closed 8 years ago

twest820 commented 8 years ago

Timelapse passes user input from DialogCustomViewFilter's controls directly to SQL.

A fix might be to change SQLiteWrapper's lowest level methods from accepting strings to using SQLiteCommand.Parameters, though it's not immediately clear if SQLiteCommand has parity with System.Data.SqlClient.SqlCommand in this regard.
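The concatenation pattern reported above next to the parameterized alternative, as an added example that is not code from Carnassial or Timelapse. It assumes System.Data.SQLite (whose SQLiteCommand does expose a Parameters collection with named @-parameters, the parity the comment asks about), a hypothetical table DataTable with hypothetical columns, and a hypothetical FilterTerm type standing in for the values read from the filter dialog's controls. Column names and comparison operators cannot be bound as parameters, so the hardened version checks them against allowlists and binds only the free-text value.

```csharp
// Added example, not the project's own code. Assumes the System.Data.SQLite package;
// DataTable, its columns and FilterTerm are hypothetical stand-ins for the dialog's inputs.
using System;
using System.Collections.Generic;
using System.Data.SQLite;

public sealed class FilterTerm
{
    public string Column { get; set; }   // chosen from a combo box in the filter dialog
    public string Operator { get; set; } // chosen from a combo box
    public string Value { get; set; }    // free text typed by the user
}

public static class CustomFilterDemo
{
    // Vulnerable: every part of the term, including the free-text value, is spliced into the SQL.
    // A value containing a single quote ends the literal and the rest is parsed as SQL.
    public static string BuildFilterUnsafe(IList<FilterTerm> terms)
    {
        List<string> clauses = new List<string>();
        foreach (FilterTerm term in terms)
        {
            clauses.Add(term.Column + " " + term.Operator + " '" + term.Value + "'");
        }
        return "SELECT * FROM DataTable WHERE " + String.Join(" AND ", clauses);
    }

    // Identifiers and operators are structural SQL and cannot be parameters, so they are allowlisted.
    private static readonly HashSet<string> AllowedColumns = new HashSet<string> { "File", "Date", "Time", "Species" };
    private static readonly HashSet<string> AllowedOperators = new HashSet<string> { "=", "<>", "<", ">", "<=", ">=", "LIKE" };

    // Hardened: the value travels as a bound parameter, so SQLite never parses it as SQL.
    public static SQLiteCommand BuildFilterSafe(SQLiteConnection connection, IList<FilterTerm> terms)
    {
        SQLiteCommand command = connection.CreateCommand();
        List<string> clauses = new List<string>();
        for (int index = 0; index < terms.Count; ++index)
        {
            FilterTerm term = terms[index];
            if (!AllowedColumns.Contains(term.Column))
            {
                throw new ArgumentException("Unknown column '" + term.Column + "'.");
            }
            if (!AllowedOperators.Contains(term.Operator))
            {
                throw new ArgumentException("Unknown operator '" + term.Operator + "'.");
            }
            string parameterName = "@value" + index;
            clauses.Add("\"" + term.Column + "\" " + term.Operator + " " + parameterName);
            command.Parameters.AddWithValue(parameterName, term.Value);
        }
        command.CommandText = "SELECT * FROM DataTable WHERE " + String.Join(" AND ", clauses);
        return command;
    }

    private static int CountRows(SQLiteCommand command)
    {
        int rows = 0;
        using (SQLiteDataReader reader = command.ExecuteReader())
        {
            while (reader.Read())
            {
                ++rows;
            }
        }
        return rows;
    }

    public static void Main()
    {
        using (SQLiteConnection connection = new SQLiteConnection("Data Source=:memory:"))
        {
            connection.Open();
            using (SQLiteCommand setup = connection.CreateCommand())
            {
                // Constructed sample data for the demonstration.
                setup.CommandText = "CREATE TABLE DataTable (File TEXT, Species TEXT); " +
                                    "INSERT INTO DataTable VALUES ('IMG_0001.JPG', 'cougar'), ('IMG_0002.JPG', 'marten');";
                setup.ExecuteNonQuery();
            }

            // Constructed malicious input: the quote closes the literal and the OR makes every row match.
            List<FilterTerm> terms = new List<FilterTerm>
            {
                new FilterTerm { Column = "Species", Operator = "=", Value = "nothing' OR '1'='1" }
            };

            string unsafeSql = BuildFilterUnsafe(terms);
            Console.WriteLine(unsafeSql);
            using (SQLiteCommand unsafeCommand = new SQLiteCommand(unsafeSql, connection))
            {
                Console.WriteLine("rows matched by the concatenated query: " + CountRows(unsafeCommand));
            }
            using (SQLiteCommand safeCommand = BuildFilterSafe(connection, terms))
            {
                // The same text is now compared literally against the Species column.
                Console.WriteLine("rows matched by the parameterized query: " + CountRows(safeCommand));
            }
        }
    }
}
```

Binding the value alone is not enough if the column or operator is also user-controlled, which is why the hardened builder rejects anything outside its allowlists instead of quoting it; a chosen column name that is not in the allowlist is a bug in the dialog, not a value to escape.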

twest820 commented 8 years ago

Very low risk. Guarded with a Debug.Assert() for now.