sql injection check

[bcho]

Currently, we are creating the sql query with string concatenation, which is error prone and open to sql injection. We have two very basic unit tests (

sqlite-rest/integration_security_test.go

Line 35 in 23ae76b

func TestSecuritySQLInjection(t *testing.T) {

) to cover this part. But we need to rethink the sql building design.