Mirrored_Repos/DarkflameServer
1
0
Fork 0
mirror of https://github.com/DarkflameUniverse/DarkflameServer.git synced 2024-11-22 05:27:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Comply with Xiphoseer required changes.

Browse Source 
Remove the CDClientDatabase::ExecuteQueryWithArgs() function and replace 
it with CDClientDatabase::CreatePreppedStmt().

This prevents a developer from accidently using %s, or incorrectly 
passing std::string, and causing a silent error.
This commit is contained in:
TheMatt2 2022-01-12 22:48:27 -05:00
parent e5f7d164cb
commit 3de3932503
22 changed files with 247 additions and 189 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
dDatabase/CDClientDatabase.cpp
View File

@ -13,3 +13,8 @@ void CDClientDatabase::Connect(const std::string& filename) {
CppSQLite3Query CDClientDatabase::ExecuteQuery(const std::string& query) { CppSQLite3Query CDClientDatabase::ExecuteQuery(const std::string& query) {
return conn->execQuery(query.c_str()); return conn->execQuery(query.c_str());
} }
//! Makes prepared statements
CppSQLite3Statement CDClientDatabase::CreatePreppedStmt(const std::string& query) {
return conn->compileStatement(query.c_str());
}

12
dDatabase/CDClientDatabase.h
View File

@ -43,15 +43,7 @@ namespace CDClientDatabase {
//! Queries the CDClient and parses arguments //! Queries the CDClient and parses arguments
/*! /*!
\param query The query with formatted arguments \param query The query with formatted arguments
\return the results of the query \return prepared SQLite Statement
*/ */
// Due to the template, implementation must be in the header. CppSQLite3Statement CreatePreppedStmt(const std::string& query);
template <typename... Args>
CppSQLite3Query ExecuteQueryWithArgs(const std::string& query, Args... args) {
CppSQLite3Buffer sqlBuf;
sqlBuf.format(query.c_str(), args...);
std::string safe_query = (const char *) sqlBuf;
return ExecuteQuery(safe_query);
}
}; };

8
dDatabase/Tables/CDBehaviorParameterTable.cpp
View File

@ -59,9 +59,11 @@ float CDBehaviorParameterTable::GetEntry(const uint32_t behaviorID, const std::s
} }
#ifndef CDCLIENT_CACHE_ALL #ifndef CDCLIENT_CACHE_ALL
auto tableData = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT parameterID, value FROM BehaviorParameter WHERE behaviorID = %u;", "SELECT parameterID, value FROM BehaviorParameter WHERE behaviorID = ?;");
behaviorID); query.bind(1, (int) behaviorID);
auto tableData = query.execQuery();
m_Entries.insert_or_assign(behaviorID, 0); m_Entries.insert_or_assign(behaviorID, 0);

52
dGame/dBehaviors/Behavior.cpp
View File

@ -276,9 +276,11 @@ Behavior* Behavior::CreateBehavior(const uint32_t behaviorId)
} }
BehaviorTemplates Behavior::GetBehaviorTemplate(const uint32_t behaviorId) { BehaviorTemplates Behavior::GetBehaviorTemplate(const uint32_t behaviorId) {
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT templateID FROM BehaviorTemplate WHERE behaviorID = %u;", "SELECT templateID FROM BehaviorTemplate WHERE behaviorID = ?;");
behaviorId); query.bind(1, (int) behaviorId);
auto result = query.execQuery();
// Make sure we do not proceed if we are trying to load an invalid behavior // Make sure we do not proceed if we are trying to load an invalid behavior
if (result.eof()) if (result.eof())
@ -349,18 +351,24 @@ void Behavior::PlayFx(std::u16string type, const LWOOBJID target, const LWOOBJID
} }
} }
// The SQlite result object becomes invalid if the query object leaves scope.
// So both queries are defined before the if statement
CppSQLite3Query result; CppSQLite3Query result;
if (!type.empty()) auto typeQuery = CDClientDatabase::CreatePreppedStmt(
{ "SELECT effectName FROM BehaviorEffect WHERE effectType = ? AND effectID = ?;");
result = CDClientDatabase::ExecuteQueryWithArgs(
"SELECT effectName FROM BehaviorEffect WHERE effectType = %Q AND effectID = %u;", auto idQuery = CDClientDatabase::CreatePreppedStmt(
typeString.c_str(), effectId); "SELECT effectName, effectType FROM BehaviorEffect WHERE effectID = ?;");
}
else if (!type.empty()) {
{ typeQuery.bind(1, typeString.c_str());
result = CDClientDatabase::ExecuteQueryWithArgs( typeQuery.bind(2, (int) effectId);
"SELECT effectName, effectType FROM BehaviorEffect WHERE effectID = %u;",
effectId); result = typeQuery.execQuery();
} else {
idQuery.bind(1, (int) effectId);
result = idQuery.execQuery();
} }
if (result.eof() || result.fieldIsNull(0)) if (result.eof() || result.fieldIsNull(0))
@ -406,9 +414,11 @@ Behavior::Behavior(const uint32_t behaviorId)
this->m_templateId = BehaviorTemplates::BEHAVIOR_EMPTY; this->m_templateId = BehaviorTemplates::BEHAVIOR_EMPTY;
} }
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT templateID, effectID, effectHandle FROM BehaviorTemplate WHERE behaviorID = %u;", "SELECT templateID, effectID, effectHandle FROM BehaviorTemplate WHERE behaviorID = ?;");
behaviorId); query.bind(1, (int) behaviorId);
auto result = query.execQuery();
// Make sure we do not proceed if we are trying to load an invalid behavior // Make sure we do not proceed if we are trying to load an invalid behavior
if (result.eof()) if (result.eof())
@ -481,9 +491,11 @@ std::map<std::string, float> Behavior::GetParameterNames() const
{ {
std::map<std::string, float> parameters; std::map<std::string, float> parameters;
auto tableData = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT parameterID, value FROM BehaviorParameter WHERE behaviorID = %u;", "SELECT parameterID, value FROM BehaviorParameter WHERE behaviorID = ?;");
this->m_behaviorId); query.bind(1, (int) this->m_behaviorId);
auto tableData = query.execQuery();
while (!tableData.eof()) while (!tableData.eof())
{ {

10
dGame/dBehaviors/SwitchMultipleBehavior.cpp
View File

@ -40,12 +40,14 @@ void SwitchMultipleBehavior::Calculate(BehaviorContext* context, RakNet::BitStre
} }
void SwitchMultipleBehavior::Load() { void SwitchMultipleBehavior::Load() {
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT replace(bP1.parameterID, 'behavior ', '') as key, bP1.value as behavior, " "SELECT replace(bP1.parameterID, 'behavior ', '') as key, bP1.value as behavior, "
"(select bP2.value FROM BehaviorParameter bP2 WHERE bP2.behaviorID = %u AND bP2.parameterID LIKE 'value %' " "(select bP2.value FROM BehaviorParameter bP2 WHERE bP2.behaviorID = ?1 AND bP2.parameterID LIKE 'value %' "
"AND replace(bP1.parameterID, 'behavior ', '') = replace(bP2.parameterID, 'value ', '')) as value " "AND replace(bP1.parameterID, 'behavior ', '') = replace(bP2.parameterID, 'value ', '')) as value "
"FROM BehaviorParameter bP1 WHERE bP1.behaviorID = %u AND bP1.parameterID LIKE 'behavior %';", "FROM BehaviorParameter bP1 WHERE bP1.behaviorID = ?1 AND bP1.parameterID LIKE 'behavior %';");
this->m_behaviorId, this->m_behaviorId); query.bind(1, (int) this->m_behaviorId);
auto result = query.execQuery();
while (!result.eof()) { while (!result.eof()) {
const auto behavior_id = static_cast<uint32_t>(result.getFloatField(1)); const auto behavior_id = static_cast<uint32_t>(result.getFloatField(1));

16
dGame/dComponents/BaseCombatAIComponent.cpp
View File

@ -35,9 +35,11 @@ BaseCombatAIComponent::BaseCombatAIComponent(Entity* parent, const uint32_t id)
m_SoftTimer = 5.0f; m_SoftTimer = 5.0f;
//Grab the aggro information from BaseCombatAI: //Grab the aggro information from BaseCombatAI:
auto componentResult = CDClientDatabase::ExecuteQueryWithArgs( auto componentQuery = CDClientDatabase::CreatePreppedStmt(
"SELECT aggroRadius, tetherSpeed, pursuitSpeed, softTetherRadius, hardTetherRadius FROM BaseCombatAIComponent WHERE id = %u;", "SELECT aggroRadius, tetherSpeed, pursuitSpeed, softTetherRadius, hardTetherRadius FROM BaseCombatAIComponent WHERE id = ?;");
id); componentQuery.bind(1, (int) id);
auto componentResult = componentQuery.execQuery();
if (!componentResult.eof()) if (!componentResult.eof())
{ {
@ -62,9 +64,11 @@ BaseCombatAIComponent::BaseCombatAIComponent(Entity* parent, const uint32_t id)
/* /*
* Find skills * Find skills
*/ */
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto skillQuery = CDClientDatabase::CreatePreppedStmt(
"SELECT skillID, cooldown, behaviorID FROM SkillBehavior WHERE skillID IN (SELECT skillID FROM ObjectSkills WHERE objectTemplate = %d);", "SELECT skillID, cooldown, behaviorID FROM SkillBehavior WHERE skillID IN (SELECT skillID FROM ObjectSkills WHERE objectTemplate = ?);");
parent->GetLOT()); skillQuery.bind(1, (int) parent->GetLOT());
auto result = skillQuery.execQuery();
while (!result.eof()) { while (!result.eof()) {
const auto skillId = static_cast<uint32_t>(result.getIntField(0)); const auto skillId = static_cast<uint32_t>(result.getIntField(0));

8
dGame/dComponents/BuffComponent.cpp
View File

@ -371,9 +371,11 @@ const std::vector<BuffParameter>& BuffComponent::GetBuffParameters(int32_t buffI
return pair->second; return pair->second;
} }
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT * FROM BuffParameters WHERE BuffID = %d;", "SELECT * FROM BuffParameters WHERE BuffID = ?;");
buffId); query.bind(1, (int) buffId);
auto result = query.execQuery();
std::vector<BuffParameter> parameters {}; std::vector<BuffParameter> parameters {};

7
dGame/dComponents/DestroyableComponent.cpp
View File

@ -373,8 +373,11 @@ void DestroyableComponent::AddFaction(const int32_t factionID, const bool ignore
m_FactionIDs.push_back(factionID); m_FactionIDs.push_back(factionID);
m_DirtyHealth = true; m_DirtyHealth = true;
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT enemyList FROM Factions WHERE faction = %d;", factionID); "SELECT enemyList FROM Factions WHERE faction = ?;");
query.bind(1, (int) factionID);
auto result = query.execQuery();
if (result.eof()) return; if (result.eof()) return;

12
dGame/dComponents/InventoryComponent.cpp
View File

@ -1142,10 +1142,13 @@ void InventoryComponent::CheckItemSet(const LOT lot) {
return; return;
} }
std::cout << "INVENTORY CHECK" << std::endl; const std::string lot_query = "%" + std::to_string(lot) + "%";
auto result = CDClientDatabase::ExecuteQueryWithArgs(
"SELECT setID FROM ItemSets WHERE itemIDs LIKE '%%%d%%';", auto query = CDClientDatabase::CreatePreppedStmt(
lot); "SELECT setID FROM ItemSets WHERE itemIDs LIKE ?;");
query.bind(1, lot_query.c_str());
auto result = query.execQuery();
while (!result.eof()) { while (!result.eof()) {
const auto id = result.getIntField(0); const auto id = result.getIntField(0);
@ -1737,4 +1740,3 @@ void InventoryComponent::UpdatePetXml(tinyxml2::XMLDocument* document)
petInventoryElement->LinkEndChild(petElement); petInventoryElement->LinkEndChild(petElement);
} }
} }

7
dGame/dComponents/MissionComponent.cpp
View File

@ -450,8 +450,11 @@ const std::vector<uint32_t>& MissionComponent::QueryAchievements(MissionTaskType
} }
bool MissionComponent::RequiresItem(const LOT lot) { bool MissionComponent::RequiresItem(const LOT lot) {
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT type FROM Objects WHERE id = %d;", lot); "SELECT type FROM Objects WHERE id = ?;");
query.bind(1, (int) lot);
auto result = query.execQuery();
if (result.eof()) { if (result.eof()) {
return false; return false;

8
dGame/dComponents/PetComponent.cpp
View File

@ -167,9 +167,11 @@ void PetComponent::OnUse(Entity* originator)
std::string buildFile; std::string buildFile;
if (cached == buildCache.end()) { if (cached == buildCache.end()) {
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT ValidPiecesLXF, PuzzleModelLot, Timelimit, NumValidPieces, imagCostPerBuild FROM TamingBuildPuzzles WHERE NPCLot = %d;", "SELECT ValidPiecesLXF, PuzzleModelLot, Timelimit, NumValidPieces, imagCostPerBuild FROM TamingBuildPuzzles WHERE NPCLot = ?;");
m_Parent->GetLOT()); query.bind(1, (int) m_Parent->GetLOT());
auto result = query.execQuery();
if (result.eof()) if (result.eof())
{ {

16
dGame/dComponents/PropertyManagementComponent.cpp
View File

@ -40,9 +40,11 @@ PropertyManagementComponent::PropertyManagementComponent(Entity* parent) : Compo
const auto zoneId = worldId.GetMapID(); const auto zoneId = worldId.GetMapID();
const auto cloneId = worldId.GetCloneID(); const auto cloneId = worldId.GetCloneID();
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT id FROM PropertyTemplate WHERE mapID = %d;", "SELECT id FROM PropertyTemplate WHERE mapID = ?;");
(int) zoneId); query.bind(1, (int) zoneId);
auto result = query.execQuery();
if (result.eof() || result.fieldIsNull(0)) if (result.eof() || result.fieldIsNull(0))
{ {
@ -96,9 +98,11 @@ std::vector<NiPoint3> PropertyManagementComponent::GetPaths() const
{ {
const auto zoneId = dZoneManager::Instance()->GetZone()->GetWorldID(); const auto zoneId = dZoneManager::Instance()->GetZone()->GetWorldID();
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT path FROM PropertyTemplate WHERE mapID = %u;", "SELECT path FROM PropertyTemplate WHERE mapID = ?;");
zoneId); query.bind(1, (int) zoneId);
auto result = query.execQuery();
std::vector<NiPoint3> paths {}; std::vector<NiPoint3> paths {};

10
dGame/dComponents/RenderComponent.cpp
View File

@ -199,9 +199,13 @@ void RenderComponent::PlayEffect(const int32_t effectId, const std::u16string& e
} }
const std::string effectType_str = GeneralUtils::UTF16ToWTF8(effectType); const std::string effectType_str = GeneralUtils::UTF16ToWTF8(effectType);
auto result = CDClientDatabase::ExecuteQueryWithArgs(
"SELECT animation_length FROM Animations WHERE animation_type IN (SELECT animationName FROM BehaviorEffect WHERE effectID = %d AND effectType = %Q);", auto query = CDClientDatabase::CreatePreppedStmt(
effectId, effectType_str.c_str()); "SELECT animation_length FROM Animations WHERE animation_type IN (SELECT animationName FROM BehaviorEffect WHERE effectID = ? AND effectType = ?);");
query.bind(1, effectId);
query.bind(2, effectType_str.c_str());
auto result = query.execQuery();
if (result.eof() || result.fieldIsNull(0)) { if (result.eof() || result.fieldIsNull(0)) {
result.finalize(); result.finalize();

8
dGame/dComponents/RocketLaunchpadControlComponent.cpp
View File

@ -18,9 +18,11 @@
#include "PacketUtils.h" #include "PacketUtils.h"
RocketLaunchpadControlComponent::RocketLaunchpadControlComponent(Entity* parent, int rocketId) : Component(parent) { RocketLaunchpadControlComponent::RocketLaunchpadControlComponent(Entity* parent, int rocketId) : Component(parent) {
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT targetZone, defaultZoneID, targetScene, altLandingPrecondition, altLandingSpawnPointName FROM RocketLaunchpadControlComponent WHERE id = %d;", "SELECT targetZone, defaultZoneID, targetScene, altLandingPrecondition, altLandingSpawnPointName FROM RocketLaunchpadControlComponent WHERE id = ?;");
rocketId); query.bind(1, rocketId);
auto result = query.execQuery();
if (!result.eof() && !result.fieldIsNull(0)) if (!result.eof() && !result.fieldIsNull(0))
{ {

15
dGame/dComponents/SkillComponent.cpp
View File

@ -86,9 +86,11 @@ void SkillComponent::SyncPlayerProjectile(const LWOOBJID projectileId, RakNet::B
const auto sync_entry = this->m_managedProjectiles.at(index); const auto sync_entry = this->m_managedProjectiles.at(index);
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT behaviorID FROM SkillBehavior WHERE skillID = (SELECT skillID FROM ObjectSkills WHERE objectTemplate = %d);", "SELECT behaviorID FROM SkillBehavior WHERE skillID = (SELECT skillID FROM ObjectSkills WHERE objectTemplate = ?);");
sync_entry.lot); query.bind(1, (int) sync_entry.lot);
auto result = query.execQuery();
if (result.eof()) { if (result.eof()) {
Game::logger->Log("SkillComponent", "Failed to find skill id for (%i)!\n", sync_entry.lot); Game::logger->Log("SkillComponent", "Failed to find skill id for (%i)!\n", sync_entry.lot);
@ -434,9 +436,10 @@ void SkillComponent::SyncProjectileCalculation(const ProjectileSyncEntry& entry)
return; return;
} }
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT behaviorID FROM SkillBehavior WHERE skillID = (SELECT skillID FROM ObjectSkills WHERE objectTemplate = %d);", "SELECT behaviorID FROM SkillBehavior WHERE skillID = (SELECT skillID FROM ObjectSkills WHERE objectTemplate = ?);");
entry.lot); query.bind(1, (int) entry.lot);
auto result = query.execQuery();
if (result.eof()) { if (result.eof()) {
Game::logger->Log("SkillComponent", "Failed to find skill id for (%i)!\n", entry.lot); Game::logger->Log("SkillComponent", "Failed to find skill id for (%i)!\n", entry.lot);

8
dGame/dGameMessages/GameMessages.cpp
View File

@ -2509,9 +2509,11 @@ void GameMessages::HandleBBBSaveRequest(RakNet::BitStream* inStream, Entity* ent
const auto zoneId = worldId.GetMapID(); const auto zoneId = worldId.GetMapID();
const auto cloneId = worldId.GetCloneID(); const auto cloneId = worldId.GetCloneID();
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT id FROM PropertyTemplate WHERE mapID = %d;", "SELECT id FROM PropertyTemplate WHERE mapID = ?;");
(int) zoneId); query.bind(1, (int) zoneId);
auto result = query.execQuery();
if (result.eof() || result.fieldIsNull(0)) { if (result.eof() || result.fieldIsNull(0)) {
return; return;

8
dGame/dInventory/Item.cpp
View File

@ -386,9 +386,11 @@ void Item::DisassembleModel()
const auto componentId = table->GetByIDAndType(GetLot(), COMPONENT_TYPE_RENDER); const auto componentId = table->GetByIDAndType(GetLot(), COMPONENT_TYPE_RENDER);
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT render_asset FROM RenderComponent WHERE id = %d;", "SELECT render_asset FROM RenderComponent WHERE id = ?;");
componentId); query.bind(1, (int) componentId);
auto result = query.execQuery();
if (result.eof()) if (result.eof())
{ {

16
dGame/dInventory/ItemSet.cpp
View File

@ -15,9 +15,11 @@ ItemSet::ItemSet(const uint32_t id, InventoryComponent* inventoryComponent)
this->m_PassiveAbilities = ItemSetPassiveAbility::FindAbilities(id, m_InventoryComponent->GetParent(), this); this->m_PassiveAbilities = ItemSetPassiveAbility::FindAbilities(id, m_InventoryComponent->GetParent(), this);
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT skillSetWith2, skillSetWith3, skillSetWith4, skillSetWith5, skillSetWith6, itemIDs FROM ItemSets WHERE setID = %u;", "SELECT skillSetWith2, skillSetWith3, skillSetWith4, skillSetWith5, skillSetWith6, itemIDs FROM ItemSets WHERE setID = ?;");
id); query.bind(1, (int) id);
auto result = query.execQuery();
if (result.eof()) if (result.eof())
{ {
@ -31,9 +33,11 @@ ItemSet::ItemSet(const uint32_t id, InventoryComponent* inventoryComponent)
continue; continue;
} }
auto skillResult = CDClientDatabase::ExecuteQueryWithArgs( auto skillQuery = CDClientDatabase::CreatePreppedStmt(
"SELECT SkillID FROM ItemSetSkills WHERE SkillSetID = %d;", "SELECT SkillID FROM ItemSetSkills WHERE SkillSetID = ?;");
result.getIntField(i)); skillQuery.bind(1, result.getIntField(i));
auto skillResult = skillQuery.execQuery();
if (skillResult.eof()) if (skillResult.eof())
{ {

8
dGame/dUtilities/Preconditions.cpp
View File

@ -16,9 +16,11 @@
std::map<uint32_t, Precondition*> Preconditions::cache = {}; std::map<uint32_t, Precondition*> Preconditions::cache = {};
Precondition::Precondition(const uint32_t condition) { Precondition::Precondition(const uint32_t condition) {
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT type, targetLOT, targetCount FROM Preconditions WHERE id = %u;", "SELECT type, targetLOT, targetCount FROM Preconditions WHERE id = ?;");
condition); query.bind(1, (int) condition);
auto result = query.execQuery();
if (result.eof()) if (result.eof())
{ {

12
dGame/dUtilities/SlashCommandHandler.cpp
View File

@ -1243,11 +1243,13 @@ void SlashCommandHandler::HandleChatCommand(const std::u16string& command, Entit
} }
if (chatCommand == "lookup" && entity->GetGMLevel() >= GAME_MASTER_LEVEL_DEVELOPER && args.size() == 1) { if (chatCommand == "lookup" && entity->GetGMLevel() >= GAME_MASTER_LEVEL_DEVELOPER && args.size() == 1) {
std::string query = "%" + args[0] + "%"; auto query = CDClientDatabase::CreatePreppedStmt(
const char* query_cstr = query.c_str(); "SELECT `id`, `name` FROM `Objects` WHERE `displayName` LIKE ?1 OR `name` LIKE ?1 OR `description` LIKE ?1 LIMIT 50");
auto tables = CDClientDatabase::ExecuteQueryWithArgs(
"SELECT `id`, `name` FROM `Objects` WHERE `displayName` LIKE %Q OR `name` LIKE %Q OR `description` LIKE %Q LIMIT 50", const std::string query_text = "%" + args[0] + "%";
query_cstr, query_cstr, query_cstr); query.bind(1, query_text.c_str());
auto tables = query.execQuery();
while (!tables.eof()) { while (!tables.eof()) {
std::string message = std::to_string(tables.getIntField(0)) + " - " + tables.getStringField(1); std::string message = std::to_string(tables.getIntField(0)) + " - " + tables.getStringField(1);

8
dWorldServer/WorldServer.cpp
View File

@ -1059,9 +1059,11 @@ void HandlePacket(Packet* packet) {
const auto zoneId = Game::server->GetZoneID(); const auto zoneId = Game::server->GetZoneID();
const auto cloneId = g_CloneID; const auto cloneId = g_CloneID;
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT id FROM PropertyTemplate WHERE mapID = %u;", "SELECT id FROM PropertyTemplate WHERE mapID = ?;");
zoneId); query.bind(1, (int) zoneId);
auto result = query.execQuery();
if (result.eof() || result.fieldIsNull(0)) { if (result.eof() || result.fieldIsNull(0)) {
Game::logger->Log("WorldServer", "No property templates found for zone %d, not sending BBB\n", zoneId); Game::logger->Log("WorldServer", "No property templates found for zone %d, not sending BBB\n", zoneId);

8
dZoneManager/dZoneManager.cpp
View File

@ -26,9 +26,11 @@ void dZoneManager::Initialize(const LWOZONEID& zoneID) {
LOT zoneControlTemplate = 2365; LOT zoneControlTemplate = 2365;
auto result = CDClientDatabase::ExecuteQueryWithArgs( auto query = CDClientDatabase::CreatePreppedStmt(
"SELECT zoneControlTemplate, ghostdistance_min, ghostdistance FROM ZoneTable WHERE zoneID = %d;", "SELECT zoneControlTemplate, ghostdistance_min, ghostdistance FROM ZoneTable WHERE zoneID = ?;");
(int) zoneID.GetMapID()); query.bind(1, (int) zoneID.GetMapID());
auto result = query.execQuery();
if (!result.eof()) { if (!result.eof()) {
zoneControlTemplate = result.getIntField("zoneControlTemplate", 2365); zoneControlTemplate = result.getIntField("zoneControlTemplate", 2365);