From 95073e7b44140962fc0b68a2f4427f2852fe3bfd Mon Sep 17 00:00:00 2001
From: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Date: Fri, 20 Dec 2024 22:37:52 +0000
Subject: [PATCH] fix: update SQL validation to handle 'col' column name

Co-Authored-By: Matt Wong <matt@liquidaty.com>
---
 app/utils/overwrite.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/utils/overwrite.c b/app/utils/overwrite.c
index 53ee6fd5..f9e4602a 100644
--- a/app/utils/overwrite.c
+++ b/app/utils/overwrite.c
@@ -119,7 +119,7 @@ enum zsv_status zsv_overwrite_next(void *h, struct zsv_overwrite_data *odata) {
 
 static const char *get_safe_sql_query(sqlite3 *db, const char *user_sql) {
   static const char *default_query =
-    "select row, column, value, timestamp, author from overwrites order by row, column";
+    "select row, col, value, timestamp, author from overwrites order by row, col";
 
   // Handle NULL or empty input
   if (!user_sql || !*user_sql)
@@ -164,7 +164,7 @@ static const char *get_safe_sql_query(sqlite3 *db, const char *user_sql) {
 
     if (strcmp(col_name, "row") == 0)
       has_row = 1;
-    else if (strcmp(col_name, "column") == 0)
+    else if (strcmp(col_name, "column") == 0 || strcmp(col_name, "col") == 0)
       has_column = 1;
     else if (strcmp(col_name, "value") == 0)
       has_value = 1;