fix: update query method to use non-prepared statements for dynamic SQL compatibility

2026-03-11 23:42:44 +01:00 · 2026-03-11 23:42:44 +01:00 · 520c12e5a7
commit 520c12e5a7
parent 5fe4471fc7
1 changed files with 3 additions and 2 deletions
--- a/database/database.js
+++ b/database/database.js
@ -78,9 +78,10 @@ module.exports = {
      throw error;
    }
  },
-  // Alias for execute to maintain compatibility
+  // Non-prepared query – avoids server-side prepared-statement issues
  // (e.g. "Incorrect arguments to mysqld_stmt_execute" with dynamic SQL)
  async query(query, params = []) {
-    return await pool.execute(query, params);
+    return await pool.query(query, params);
  },
  // Get single row
  async get(query, params = []) {