From a856086ce1c6e8a63dce364a608ff7c6a56e85bd Mon Sep 17 00:00:00 2001
From: Lars Gebhardt-Kusche <lars@kusche.berlin>
Date: Fri, 2 Jan 2026 00:53:58 +0100
Subject: [PATCH] ysadsad

---
 src/App/Search.php | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/App/Search.php b/src/App/Search.php
index 60a9d27..ff8fd9c 100644
--- a/src/App/Search.php
+++ b/src/App/Search.php
@@ -91,7 +91,20 @@ final class Search
         echo $sql;
         
         $stmt = $this->pdo->prepare($sql);
-        $stmt->execute($bind);
+        foreach ($bind as $name => $value) {
+            $paramName = $name;
+            if ($name[0] !== ':') {
+                $paramName = ':' . $name;
+            }
+            $stmt->bindValue($paramName, $value, \PDO::PARAM_STR);
+        }
+        // Limit als INT binden
+        $stmt->bindValue(':lim', (int)$bind[':lim'] ?? (int)$bind['lim'] ?? (int)$limit, \PDO::PARAM_INT);
+        // Radius nur falls existiert
+        if ($distanceFiltering) {
+            $stmt->bindValue(':radius', $bind[':radius'] ?? $bind['radius'], \PDO::PARAM_STR);
+        }
+        $stmt->execute();
         return $stmt->fetchAll(\PDO::FETCH_ASSOC) ?: [];
     }
 }