Mirrored_Repos/DarkflameServer
1
0
Fork 0
mirror of https://github.com/DarkflameUniverse/DarkflameServer.git synced 2025-08-09 20:24:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Additional SQLite lookup sanitizing.

Browse Source 
Using CDClientDatabase::ExecuteQueryWithArgs() across all known lookups.
This commit is contained in:
TheMatt2
2022-01-06 21:12:47 -05:00
parent 4796b551ad
commit e5f7d164cb
16 changed files with 75 additions and 129 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
dGame/dComponents/BaseCombatAIComponent.cpp
View File

@@ -35,11 +35,9 @@ BaseCombatAIComponent::BaseCombatAIComponent(Entity* parent, const uint32_t id)
m_SoftTimer = 5.0f;
//Grab the aggro information from BaseCombatAI:
std::stringstream componentQuery;
componentQuery << "SELECT aggroRadius, tetherSpeed, pursuitSpeed, softTetherRadius, hardTetherRadius FROM BaseCombatAIComponent WHERE id = " << std::to_string(id);
auto componentResult = CDClientDatabase::ExecuteQuery(componentQuery.str());
auto componentResult = CDClientDatabase::ExecuteQueryWithArgs(
"SELECT aggroRadius, tetherSpeed, pursuitSpeed, softTetherRadius, hardTetherRadius FROM BaseCombatAIComponent WHERE id = %u;",
id);
if (!componentResult.eof())
{
@@ -64,12 +62,9 @@ BaseCombatAIComponent::BaseCombatAIComponent(Entity* parent, const uint32_t id)
/*
* Find skills
*/
std::stringstream query;
query << "SELECT skillID, cooldown, behaviorID FROM SkillBehavior WHERE skillID IN (SELECT skillID FROM ObjectSkills WHERE objectTemplate = " << std::to_string(parent->GetLOT()) << " )";
auto result = CDClientDatabase::ExecuteQuery(query.str());
auto result = CDClientDatabase::ExecuteQueryWithArgs(
"SELECT skillID, cooldown, behaviorID FROM SkillBehavior WHERE skillID IN (SELECT skillID FROM ObjectSkills WHERE objectTemplate = %d);",
parent->GetLOT());
while (!result.eof()) {
const auto skillId = static_cast<uint32_t>(result.getIntField(0));