From 5130e17a967d8c8c7bbdcaa0341d585cea6a5710 Mon Sep 17 00:00:00 2001
From: Raphael Roberts <raphael.roberts48@gmail.com>
Date: Thu, 13 Dec 2018 21:50:52 -0600
Subject: [PATCH] using re.escape to quote params with metachars

---
 android_db.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/android_db.py b/android_db.py
index 9df7abd..50ae2dc 100644
--- a/android_db.py
+++ b/android_db.py
@@ -32,7 +32,8 @@ class AndroidSQLConn:
         new_str = ','.join(map(
             AndroidSQLConn._quote_param_,params[:n_params]
             ))
-        return param_str.sub(new_str,SQL,1)
+        print(*map(repr,(new_str,SQL)))
+        return param_str.sub(re.escape(new_str),SQL,1)
     def execute(self,SQL,params = None):
         if params:
             SQL = AndroidSQLConn._sub_params_(SQL,params)