mirror of
https://github.com/DarkflameUniverse/DarkflameServer.git
synced 2025-08-05 18:24:12 +00:00
Additional SQLite lookup sanitizing.
Using CDClientDatabase::ExecuteQueryWithArgs() across all known lookups.
@@ -35,11 +35,9 @@ BaseCombatAIComponent::BaseCombatAIComponent(Entity* parent, const uint32_t id)
|
||||
m_SoftTimer = 5.0f;
|
||||
|
||||
//Grab the aggro information from BaseCombatAI:
|
||||
std::stringstream componentQuery;
|
||||
|
||||
componentQuery << "SELECT aggroRadius, tetherSpeed, pursuitSpeed, softTetherRadius, hardTetherRadius FROM BaseCombatAIComponent WHERE id = " << std::to_string(id);
|
||||
|
||||
auto componentResult = CDClientDatabase::ExecuteQuery(componentQuery.str());
|
||||
auto componentResult = CDClientDatabase::ExecuteQueryWithArgs(
|
||||
"SELECT aggroRadius, tetherSpeed, pursuitSpeed, softTetherRadius, hardTetherRadius FROM BaseCombatAIComponent WHERE id = %u;",
|
||||
id);
|
||||
|
||||
if (!componentResult.eof())
|
||||
{
|
||||
@@ -64,12 +62,9 @@ BaseCombatAIComponent::BaseCombatAIComponent(Entity* parent, const uint32_t id)
|
||||
/*
|
||||
* Find skills
|
||||
*/
|
||||
|
||||
std::stringstream query;
|
||||
|
||||
query << "SELECT skillID, cooldown, behaviorID FROM SkillBehavior WHERE skillID IN (SELECT skillID FROM ObjectSkills WHERE objectTemplate = " << std::to_string(parent->GetLOT()) << " )";
|
||||
|
||||
auto result = CDClientDatabase::ExecuteQuery(query.str());
|
||||
auto result = CDClientDatabase::ExecuteQueryWithArgs(
|
||||
"SELECT skillID, cooldown, behaviorID FROM SkillBehavior WHERE skillID IN (SELECT skillID FROM ObjectSkills WHERE objectTemplate = %d);",
|
||||
parent->GetLOT());
|
||||
|
||||
while (!result.eof()) {
|
||||
const auto skillId = static_cast<uint32_t>(result.getIntField(0));
|
||||
|
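Review bot: The `%u` and `%d` specifiers in both new `ExecuteQueryWithArgs` calls are tied to `id` and `parent->GetLOT()` only by convention, since a printf-style variadic call gets no compile-time type check, whereas the removed `std::to_string` path was type-safe. Both values are integers, so the old concatenation was not injectable at these sites; what the new form gains depends on how `ExecuteQueryWithArgs` formats its arguments, which this diff does not show, and it is text formatting rather than parameter binding unless that function prepares a statement. I would make the passed type explicit at the call, e.g. `static_cast<int>(parent->GetLOT())`, so a later change to the underlying typedef cannot silently mismatch the specifier. The same applies to the `%d` calls taking `buffId`, `factionID`, `lot`, `m_Parent->GetLOT()`, `rocketId`, `sync_entry.lot` and `entry.lot` in the later files. The constructor body continues outside both hunks.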
@@ -371,11 +371,9 @@ const std::vector<BuffParameter>& BuffComponent::GetBuffParameters(int32_t buffI
|
||||
return pair->second;
|
||||
}
|
||||
|
||||
std::stringstream query;
|
||||
|
||||
query << "SELECT * FROM BuffParameters WHERE BuffID = " << std::to_string(buffId) << ";";
|
||||
|
||||
auto result = CDClientDatabase::ExecuteQuery(query.str());
|
||||
auto result = CDClientDatabase::ExecuteQueryWithArgs(
|
||||
"SELECT * FROM BuffParameters WHERE BuffID = %d;",
|
||||
buffId);
|
||||
|
||||
std::vector<BuffParameter> parameters {};
|
||||
|
||||
|
@@ -373,11 +373,8 @@ void DestroyableComponent::AddFaction(const int32_t factionID, const bool ignore
|
||||
m_FactionIDs.push_back(factionID);
|
||||
m_DirtyHealth = true;
|
||||
|
||||
std::stringstream query;
|
||||
|
||||
query << "SELECT enemyList FROM Factions WHERE faction = " << std::to_string(factionID);
|
||||
|
||||
auto result = CDClientDatabase::ExecuteQuery(query.str());
|
||||
auto result = CDClientDatabase::ExecuteQueryWithArgs(
|
||||
"SELECT enemyList FROM Factions WHERE faction = %d;", factionID);
|
||||
|
||||
if (result.eof()) return;
|
||||
|
||||
|
@@ -1136,22 +1136,18 @@ bool InventoryComponent::IsEquipped(const LOT lot) const
|
||||
return false;
|
||||
}
|
||||
|
||||
void InventoryComponent::CheckItemSet(const LOT lot)
|
||||
{
|
||||
void InventoryComponent::CheckItemSet(const LOT lot) {
|
||||
// Check if the lot is in the item set cache
|
||||
if (std::find(m_ItemSetsChecked.begin(), m_ItemSetsChecked.end(), lot) != m_ItemSetsChecked.end())
|
||||
{
|
||||
if (std::find(m_ItemSetsChecked.begin(), m_ItemSetsChecked.end(), lot) != m_ItemSetsChecked.end()) {
|
||||
return;
|
||||
}
|
||||
|
||||
std::stringstream query;
|
||||
std::cout << "INVENTORY CHECK" << std::endl;
|
||||
auto result = CDClientDatabase::ExecuteQueryWithArgs(
|
||||
"SELECT setID FROM ItemSets WHERE itemIDs LIKE '%%%d%%';",
|
||||
lot);
|
||||
|
||||
query << "SELECT setID FROM ItemSets WHERE itemIDs LIKE '%" << std::to_string(lot) << "%'";
|
||||
|
||||
auto result = CDClientDatabase::ExecuteQuery(query.str());
|
||||
|
||||
while (!result.eof())
|
||||
{
|
||||
while (!result.eof()) {
|
||||
const auto id = result.getIntField(0);
|
||||
|
||||
bool found = false;
|
||||
|
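Review bot: `std::cout << "INVENTORY CHECK" << std::endl;` looks like a leftover debug trace on the new side of `CheckItemSet`: it writes to stdout for every lot that is not yet in `m_ItemSetsChecked`, bypasses `Game::logger`, and flushes the stream on each call. I would delete the line, or if the trace is wanted route it through the logger, e.g. `Game::logger->Log("InventoryComponent", "Checking item sets for (%i)!\n", lot);`. Separately, `LIKE '%%%d%%'` depends on the formatter collapsing `%%` to a literal `%` and still matches any set whose `itemIDs` text merely contains the digits of `lot`, so a short comment such as `// substring match only; exact membership is verified in the loop below` would help if that is what the loop does. The body of the `while` loop continues outside the hunk.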
@@ -450,11 +450,8 @@ const std::vector<uint32_t>& MissionComponent::QueryAchievements(MissionTaskType
|
||||
}
|
||||
|
||||
bool MissionComponent::RequiresItem(const LOT lot) {
|
||||
std::stringstream query;
|
||||
|
||||
query << "SELECT type FROM Objects WHERE id = " << std::to_string(lot);
|
||||
|
||||
auto result = CDClientDatabase::ExecuteQuery(query.str());
|
||||
auto result = CDClientDatabase::ExecuteQueryWithArgs(
|
||||
"SELECT type FROM Objects WHERE id = %d;", lot);
|
||||
|
||||
if (result.eof()) {
|
||||
return false;
|
||||
|
@@ -166,13 +166,10 @@ void PetComponent::OnUse(Entity* originator)
|
||||
|
||||
std::string buildFile;
|
||||
|
||||
if (cached == buildCache.end())
|
||||
{
|
||||
std::stringstream query;
|
||||
|
||||
query << "SELECT ValidPiecesLXF, PuzzleModelLot, Timelimit, NumValidPieces, imagCostPerBuild FROM TamingBuildPuzzles WHERE NPCLot = " << std::to_string(m_Parent->GetLOT()) << ";";
|
||||
|
||||
auto result = CDClientDatabase::ExecuteQuery(query.str());
|
||||
if (cached == buildCache.end()) {
|
||||
auto result = CDClientDatabase::ExecuteQueryWithArgs(
|
||||
"SELECT ValidPiecesLXF, PuzzleModelLot, Timelimit, NumValidPieces, imagCostPerBuild FROM TamingBuildPuzzles WHERE NPCLot = %d;",
|
||||
m_Parent->GetLOT());
|
||||
|
||||
if (result.eof())
|
||||
{
|
||||
|
@@ -40,11 +40,9 @@ PropertyManagementComponent::PropertyManagementComponent(Entity* parent) : Compo
|
||||
const auto zoneId = worldId.GetMapID();
|
||||
const auto cloneId = worldId.GetCloneID();
|
||||
|
||||
std::stringstream query;
|
||||
|
||||
query << "SELECT id FROM PropertyTemplate WHERE mapID = " << std::to_string(zoneId) << ";";
|
||||
|
||||
auto result = CDClientDatabase::ExecuteQuery(query.str());
|
||||
auto result = CDClientDatabase::ExecuteQueryWithArgs(
|
||||
"SELECT id FROM PropertyTemplate WHERE mapID = %d;",
|
||||
(int) zoneId);
|
||||
|
||||
if (result.eof() || result.fieldIsNull(0))
|
||||
{
|
||||
@@ -97,12 +95,10 @@ void PropertyManagementComponent::SetOwner(Entity* value)
|
||||
std::vector<NiPoint3> PropertyManagementComponent::GetPaths() const
|
||||
{
|
||||
const auto zoneId = dZoneManager::Instance()->GetZone()->GetWorldID();
|
||||
|
||||
std::stringstream query {};
|
||||
|
||||
query << "SELECT path FROM PropertyTemplate WHERE mapID = " << std::to_string(zoneId) << ";";
|
||||
|
||||
auto result = CDClientDatabase::ExecuteQuery(query.str());
|
||||
auto result = CDClientDatabase::ExecuteQueryWithArgs(
|
||||
"SELECT path FROM PropertyTemplate WHERE mapID = %u;",
|
||||
zoneId);
|
||||
|
||||
std::vector<NiPoint3> paths {};
|
||||
|
||||
|
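Review bot: The two `PropertyTemplate.mapID` lookups pass the key inconsistently: the constructor uses `%d` with a C-style `(int) zoneId`, while `GetPaths()` uses `%u` with an `auto`-deduced `zoneId` and no cast. Because the arguments are variadic, nothing checks that the type returned by `GetWorldID()` is what `%u` expects, and if it is wider than `unsigned int` the formatted read is undefined. I would use one convention in both places with a named cast, e.g. `static_cast<unsigned int>(zoneId)` with `%u`. Both function bodies continue outside the hunks.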
@@ -18,11 +18,9 @@
|
||||
#include "PacketUtils.h"
|
||||
|
||||
RocketLaunchpadControlComponent::RocketLaunchpadControlComponent(Entity* parent, int rocketId) : Component(parent) {
|
||||
std::stringstream query;
|
||||
|
||||
query << "SELECT targetZone, defaultZoneID, targetScene, altLandingPrecondition, altLandingSpawnPointName FROM RocketLaunchpadControlComponent WHERE id = " << std::to_string(rocketId);
|
||||
|
||||
auto result = CDClientDatabase::ExecuteQuery(query.str());
|
||||
auto result = CDClientDatabase::ExecuteQueryWithArgs(
|
||||
"SELECT targetZone, defaultZoneID, targetScene, altLandingPrecondition, altLandingSpawnPointName FROM RocketLaunchpadControlComponent WHERE id = %d;",
|
||||
rocketId);
|
||||
|
||||
if (!result.eof() && !result.fieldIsNull(0))
|
||||
{
|
||||
|
@@ -86,14 +86,11 @@ void SkillComponent::SyncPlayerProjectile(const LWOOBJID projectileId, RakNet::B
|
||||
|
||||
const auto sync_entry = this->m_managedProjectiles.at(index);
|
||||
|
||||
std::stringstream query;
|
||||
auto result = CDClientDatabase::ExecuteQueryWithArgs(
|
||||
"SELECT behaviorID FROM SkillBehavior WHERE skillID = (SELECT skillID FROM ObjectSkills WHERE objectTemplate = %d);",
|
||||
sync_entry.lot);
|
||||
|
||||
query << "SELECT behaviorID FROM SkillBehavior WHERE skillID = (SELECT skillID FROM ObjectSkills WHERE objectTemplate = " << std::to_string(sync_entry.lot) << ")";
|
||||
|
||||
auto result = CDClientDatabase::ExecuteQuery(query.str());
|
||||
|
||||
if (result.eof())
|
||||
{
|
||||
if (result.eof()) {
|
||||
Game::logger->Log("SkillComponent", "Failed to find skill id for (%i)!\n", sync_entry.lot);
|
||||
|
||||
return;
|
||||
@@ -428,8 +425,7 @@ void SkillComponent::SyncProjectileCalculation(const ProjectileSyncEntry& entry)
|
||||
{
|
||||
auto* other = EntityManager::Instance()->GetEntity(entry.branchContext.target);
|
||||
|
||||
if (other == nullptr)
|
||||
{
|
||||
if (other == nullptr) {
|
||||
if (entry.branchContext.target != LWOOBJID_EMPTY)
|
||||
{
|
||||
Game::logger->Log("SkillComponent", "Invalid projectile target (%llu)!\n", entry.branchContext.target);
|
||||
@@ -438,14 +434,11 @@ void SkillComponent::SyncProjectileCalculation(const ProjectileSyncEntry& entry)
|
||||
return;
|
||||
}
|
||||
|
||||
std::stringstream query;
|
||||
auto result = CDClientDatabase::ExecuteQueryWithArgs(
|
||||
"SELECT behaviorID FROM SkillBehavior WHERE skillID = (SELECT skillID FROM ObjectSkills WHERE objectTemplate = %d);",
|
||||
entry.lot);
|
||||
|
||||
query << "SELECT behaviorID FROM SkillBehavior WHERE skillID = (SELECT skillID FROM ObjectSkills WHERE objectTemplate = " << std::to_string(entry.lot) << ")";
|
||||
|
||||
auto result = CDClientDatabase::ExecuteQuery(query.str());
|
||||
|
||||
if (result.eof())
|
||||
{
|
||||
if (result.eof()) {
|
||||
Game::logger->Log("SkillComponent", "Failed to find skill id for (%i)!\n", entry.lot);
|
||||
|
||||
return;
|
||||
|
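Review bot: The identical SQL literal is now repeated in `SyncPlayerProjectile` and `SyncProjectileCalculation`, so a later correction to one copy can miss the other; a single file-local constant holding the query string, used by both calls, would keep them in step. The query also keeps `skillID = (SELECT skillID FROM ObjectSkills ...)`, a scalar subquery that yields one row, while the BaseCombatAIComponent lookup against the same table uses `IN (...)`. If a projectile template can have more than one `ObjectSkills` row, the row that wins is not specified here, so I would state the assumption next to the query, e.g. `// assumes exactly one ObjectSkills row per projectile LOT`. Both function bodies continue outside the hunks.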