Sanitize input before querying the database

[DAlperin]

I'm not 100% sure but it kind of feels like words aren't being properly escaped in the SQL queries. Putting a 'or 1=1; on a line seems to pretty consistently mess things up and or crash the app for me. I was looking in the Editor.js files and it kind of looks like there is just raw string interpolation happening in the queries but I'm not sure.

Super cool app though :) I really like it so far.

[zehfernandes]

Good catch! You are right a sanitization before query the DB will fix the problem.