Potential SQL injection if user input is not sanitized

### Problem
If user input is ever interpolated directly into SQL queries in `SalesTracker` (for example, filters or dynamic query usage with user-controlled data), there is a risk of SQL injection. Queries should use parameterized statements everywhere, even if currently using trusted data sources.

### Expected Behavior
No direct user input should go into SQL queries without proper sanitization or parameter binding.

### Suggested Fix
- Audit all SQL query usages for parameterization. Ensure queries use parameterized bindings with `better-sqlite3`.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Potential SQL injection if user input is not sanitized #6

Problem

Expected Behavior

Suggested Fix

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Potential SQL injection if user input is not sanitized #6

Description

Problem

Expected Behavior

Suggested Fix

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions