From 6a70d74ff3e0b1e95e1fdbcd8457a10a386be82b Mon Sep 17 00:00:00 2001
From: raxracks <multisniperism@gmail.com>
Date: Thu, 29 Feb 2024 22:45:11 +0000
Subject: [PATCH] use sqlite3_mprintf and %q

---
 src/main.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/src/main.c b/src/main.c
index 2af1116..037c64f 100644
--- a/src/main.c
+++ b/src/main.c
@@ -12,13 +12,12 @@ void on_ready(struct discord *client, const struct discord_ready *msg) {
 
 void on_message(struct discord *client, const struct discord_message *msg) {
         if(msg->type == DISCORD_MESSAGE_REPLY && msg->content != NULL) {
-                char buf[1024];
-                sprintf(buf,    "INSERT INTO messages(message, reply)"
-                                "VALUES('%s', '%s')", 
-                                msg->referenced_message->content, msg->content);
-
                 char* error;
-                if(sqlite3_exec(db, buf, NULL, NULL, &error)) {
+                if(sqlite3_exec(db, sqlite3_mprintf(
+				"INSERT INTO messages(message, reply)"
+                                "VALUES('%q', '%q')", 
+                                msg->referenced_message->content, msg->content), 
+				NULL, NULL, &error)) {
                         log_error(error);
                 }
         }