WindowStateSaver: Avoid sql injections by using sqlite statements

WindowStateSaver: Avoid sql injections by using sqlite statements #804