Additional SQLite lookup sanitizing.

Using CDClientDatabase::ExecuteQueryWithArgs() across all known lookups.
TheMatt2
2022-01-06 21:12:47 -05:00
parent 4796b551ad
commit e5f7d164cb
16 changed files with 75 additions and 129 deletions


@@ -40,11 +40,9 @@ PropertyManagementComponent::PropertyManagementComponent(Entity* parent) : Compo
const auto zoneId = worldId.GetMapID();
const auto cloneId = worldId.GetCloneID();
std::stringstream query;
query << "SELECT id FROM PropertyTemplate WHERE mapID = " << std::to_string(zoneId) << ";";
auto result = CDClientDatabase::ExecuteQuery(query.str());
auto result = CDClientDatabase::ExecuteQueryWithArgs(
"SELECT id FROM PropertyTemplate WHERE mapID = %d;",
(int) zoneId);
if (result.eof() || result.fieldIsNull(0))
{
@@ -97,12 +95,10 @@ void PropertyManagementComponent::SetOwner(Entity* value)
std::vector<NiPoint3> PropertyManagementComponent::GetPaths() const
{
const auto zoneId = dZoneManager::Instance()->GetZone()->GetWorldID();
std::stringstream query {};
query << "SELECT path FROM PropertyTemplate WHERE mapID = " << std::to_string(zoneId) << ";";
auto result = CDClientDatabase::ExecuteQuery(query.str());
auto result = CDClientDatabase::ExecuteQueryWithArgs(
"SELECT path FROM PropertyTemplate WHERE mapID = %u;",
zoneId);
std::vector<NiPoint3> paths {};
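Review bot: In GetPaths the new call passes `zoneId` uncast to the `%u` placeholder, while the constructor hunk casts its argument (`(int) zoneId`) for `%d`, so two lookups on the same `mapID` column now use different specifiers and different argument handling. `zoneId` here is `const auto` from `GetWorldID()`, so its type is not visible in the hunk, and if ExecuteQueryWithArgs is a printf-style variadic (its definition is not shown) an argument that does not match the specifier is undefined behaviour the compiler may not diagnose. I would make the conversion explicit and identical in both places, for example `static_cast<unsigned int>(zoneId));` in GetPaths and `%u` with the same cast in the constructor. A one-line comment above each call, such as `// mapID is passed as a typed argument; never concatenate it into the SQL text`, would also record why the stringstream was removed. The body of GetPaths continues outside the hunk.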