From f083908293b0832c9102e9522b60b5408efa7901 Mon Sep 17 00:00:00 2001
From: contributor <foss.contributor@gmail.com>
Date: Sun, 16 Nov 2025 21:07:09 +0200
Subject: [PATCH] edited notes: use parameterized limit

---
 apps/server/src/routes/api/edited-notes.ts | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/apps/server/src/routes/api/edited-notes.ts b/apps/server/src/routes/api/edited-notes.ts
index f4f47feba..262db76cb 100644
--- a/apps/server/src/routes/api/edited-notes.ts
+++ b/apps/server/src/routes/api/edited-notes.ts
@@ -31,8 +31,10 @@ function getEditedNotesOnDate(req: Request) {
         } satisfies EditedNotesResponse;
     }
 
-    const sqlParams = { date: dateFilter.date + "%" };
-    const limit = 50;
+    const sqlParams = {
+        date: dateFilter.date + "%",
+        limit: 50,
+    };
     const sqlQuery = /*sql*/`\
         SELECT notes.*
         FROM notes
@@ -46,7 +48,7 @@ function getEditedNotesOnDate(req: Request) {
                 WHERE revisions.dateCreated LIKE :date
         )
         ORDER BY isDeleted
-        LIMIT ${limit}`;
+        LIMIT :limit`;
 
     const noteIds = sql.getColumn<string>(
         sqlQuery,
@@ -72,7 +74,7 @@ function getEditedNotesOnDate(req: Request) {
 
     return {
         notes: editedNotes,
-        limit: limit,
+        limit: sqlParams.limit,
     } satisfies EditedNotesResponse;
 }