From 1a8fc5daeb07bc828a47393905e8979bced9e823 Mon Sep 17 00:00:00 2001
From: gsd
Date: Mon, 25 May 2026 11:33:19 +0300
Subject: [PATCH] %

---
 .../java/app/services/db/PromoCodeService.java | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/src/main/java/app/services/db/PromoCodeService.java b/src/main/java/app/services/db/PromoCodeService.java
index fdafd4d..2c938d3 100644
--- a/src/main/java/app/services/db/PromoCodeService.java
+++ b/src/main/java/app/services/db/PromoCodeService.java
@@ -49,9 +49,24 @@ public class PromoCodeService {
 (rs, n) -> new PromoCode(rs));
 }

+ private String sanitazesCode(String input) {
+ if (input == null) return "";
+ StringBuilder sb = new StringBuilder();
+ for (char c : input.toCharArray()) {
+ if ((c >= 'a' && c <= 'z') ||
+ (c >= 'A' && c <= 'Z') ||
+ (c >= '0' && c <= '9') ||
+ c == '-') {
+ sb.append(c);
+ }
+ }
+ return sb.toString();
+ }
+
 public PromoCode getPromoCode(String code) {
+ String sanitCode = sanitazesCode(code);
 return jdbcTemplate.query("SELECT * FROM gived_promocode WHERE code LIKE ?",
- new Object[]{code},
+ new Object[]{sanitCode},
 (rs, n) -> new PromoCode(rs)).stream().findFirst().orElse(null);
 }
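Review bot: In getPromoCode the lookup still runs through `LIKE ?`, and sanitazesCode silently drops disallowed characters instead of rejecting the input, so a value that contained a wildcard or other stray character is looked up as a different, shorter string and can still match a stored code the caller never supplied exactly. The bind was already parameterized, so the exposure this commit targets is the `%`/`_` pattern match; comparing with `WHERE code = ?` removes it at the source. If LIKE has to stay (for example for case-insensitive matching, which is not visible here), return early on any mismatch with `if (code == null || !code.equals(sanitCode)) return null;` so malformed input never reaches the query. The helper name is misspelled; `sanitizeCode` would read better. The other query whose tail is visible at the top of the hunk is worth checking for the same LIKE pattern, since its body lies outside this hunk.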