Additional SQLite lookup sanitizing.

Using CDClientDatabase::ExecuteQueryWithArgs() across all known lookups.
TheMatt2
2022-01-06 21:12:47 -05:00
parent 4796b551ad
commit e5f7d164cb
16 changed files with 75 additions and 129 deletions


@@ -1136,22 +1136,18 @@ bool InventoryComponent::IsEquipped(const LOT lot) const
return false;
}
void InventoryComponent::CheckItemSet(const LOT lot)
{
void InventoryComponent::CheckItemSet(const LOT lot) {
// Check if the lot is in the item set cache
if (std::find(m_ItemSetsChecked.begin(), m_ItemSetsChecked.end(), lot) != m_ItemSetsChecked.end())
{
if (std::find(m_ItemSetsChecked.begin(), m_ItemSetsChecked.end(), lot) != m_ItemSetsChecked.end()) {
return;
}
std::stringstream query;
std::cout << "INVENTORY CHECK" << std::endl;
auto result = CDClientDatabase::ExecuteQueryWithArgs(
"SELECT setID FROM ItemSets WHERE itemIDs LIKE '%%%d%%';",
lot);
query << "SELECT setID FROM ItemSets WHERE itemIDs LIKE '%" << std::to_string(lot) << "%'";
auto result = CDClientDatabase::ExecuteQuery(query.str());
while (!result.eof())
{
while (!result.eof()) {
const auto id = result.getIntField(0);
bool found = false;
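Review bot: The added `std::cout << "INVENTORY CHECK" << std::endl;` at the top of the lookup looks like leftover debug output; it should be removed or sent through the project's logger, since it writes to stdout and flushes on every uncached CheckItemSet call. Separately, the pattern `LIKE '%%%d%%'` keeps the old substring semantics, so a LOT of 12 also matches an itemIDs value containing 123 or 4120. The `found` flag in the loop suggests a later exact re-check, but that part is outside the hunk and worth confirming. Whether ExecuteQueryWithArgs binds its arguments or formats them printf-style is not visible here. If it formats, a comment on the call such as `// lot is an integer formatted with %d; never pass untrusted strings through %s here` would record the constraint for later callers.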