Hello everyone! I am currently using sqlite in a personal project and am using this class: link
When I use the query function of it, I'm inferable from SQLinjection, for example in this example:
$login=$database ->get_row('SELECT * from usuarios where login="'.$login.'" and senha="'.$senha.'"',$resultado);
When using the quotes, it breaks my query and ends up being exposed to sql injection. I tried to do some things but I did not succeed in preventing this. Could someone help me?