add comment about sql injection

2021-01-02 15:39:18 +09:00 · 2021-01-02 15:39:18 +09:00 · 221a3f2748
parent 86114e4eb9
commit 221a3f2748
1 changed files with 1 additions and 0 deletions
--- a/src/db/contents.ts
+++ b/src/db/contents.ts
@ -75,6 +75,7 @@ class KnexContentsAccessor implements ContentAccessor{
                query = query.from("contents");
            }
            if(word !== undefined){
+                //don't worry about sql injection.
                query = query.where('title','like',`%${word}%`);
            }
            if(content_type !== undefined){