From 8eb86cdc49c3c2f69d8a64f855220ebd68be336c Mon Sep 17 00:00:00 2001
From: Adam Mathes <adam@adammathes.com>
Date: Tue, 17 Feb 2026 20:55:12 -0800
Subject: Apply SQL injection fix and repair CI config from fix-sql-injection
 branch

---
 models/feed/feed.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'models/feed/feed.go')

diff --git a/models/feed/feed.go b/models/feed/feed.go
index 4f39335..93c62d2 100644
--- a/models/feed/feed.go
+++ b/models/feed/feed.go
@@ -45,11 +45,11 @@ func All() ([]*Feed, error) {
 	return filter(" ORDER BY lower(TITLE) asc")
 }
 
-func filter(where string) ([]*Feed, error) {
+func filter(where string, args ...interface{}) ([]*Feed, error) {
 	// todo: add back in title
 	rows, err := models.DB.Query(`SELECT
                                   id, url, web_url, title, category
-                                  FROM feed ` + where)
+                                  FROM feed `+where, args...)
 	if err != nil {
 		return nil, err
 	}
-- 
cgit v1.2.3