diff options
| author | leak <leak@bitmx.net> | 2012-03-24 01:25:08 +0100 |
|---|---|---|
| committer | leak <leak@bitmx.net> | 2012-03-24 01:25:08 +0100 |
| commit | 12e55a04bb14f4a56576dcc0ead35e996d7dcc7d (patch) | |
| tree | e99f4982d0f249d30ae51479c3f6975f757bb851 | |
| parent | 8e96b86715ac78e18d8fa5e14d9e7b9a3f2dc125 (diff) | |
Core/DBLayer: Convert PQuery() queries to prepared statements
37 files changed, 1036 insertions, 456 deletions
diff --git a/src/server/game/Accounts/AccountMgr.cpp b/src/server/game/Accounts/AccountMgr.cpp index a6ae300e25d..4886b20a0f2 100755 --- a/src/server/game/Accounts/AccountMgr.cpp +++ b/src/server/game/Accounts/AccountMgr.cpp @@ -53,12 +53,21 @@ AccountOpResult CreateAccount(std::string username, std::string password) AccountOpResult DeleteAccount(uint32 accountId) { - QueryResult result = LoginDatabase.PQuery("SELECT 1 FROM account WHERE id='%d'", accountId); + // Check if accounts exists + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_BY_ID); + stmt->setUInt32(0, accountId); + PreparedQueryResult result = LoginDatabase.Query(stmt); + if (!result) - return AOR_NAME_NOT_EXIST; // account doesn't exist + return AOR_NAME_NOT_EXIST; + + // Obtain accounts characters + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHARS_BY_ACCOUNT_ID); + + stmt->setUInt32(0, accountId); + + result = CharacterDatabase.Query(stmt); - // existed characters list - result = CharacterDatabase.PQuery("SELECT guid FROM characters WHERE account='%d'", accountId); if (result) { do @@ -66,7 +75,7 @@ AccountOpResult DeleteAccount(uint32 accountId) uint32 guidLow = (*result)[0].GetUInt32(); uint64 guid = MAKE_NEW_GUID(guidLow, 0, HIGHGUID_PLAYER); - // kick if player is online + // Kick if player is online if (Player* p = ObjectAccessor::FindPlayer(guid)) { WorldSession* s = p->GetSession(); @@ -79,7 +88,7 @@ AccountOpResult DeleteAccount(uint32 accountId) } // table realm specific but common for all characters of account for realm - PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_DEL_TUTORIALS); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_DEL_TUTORIALS); stmt->setUInt32(0, accountId); CharacterDatabase.Execute(stmt); stmt = CharacterDatabase.GetPreparedStatement(CHAR_DEL_ACCOUNT_DATA); @@ -99,9 +108,13 @@ AccountOpResult DeleteAccount(uint32 accountId) AccountOpResult ChangeUsername(uint32 accountId, std::string newUsername, std::string newPassword) { - QueryResult result = LoginDatabase.PQuery("SELECT 1 FROM account WHERE id='%d'", accountId); + // Check if accounts exists + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_BY_ID); + stmt->setUInt32(0, accountId); + PreparedQueryResult result = LoginDatabase.Query(stmt); + if (!result) - return AOR_NAME_NOT_EXIST; // account doesn't exist + return AOR_NAME_NOT_EXIST; if (utf8length(newUsername) > MAX_ACCOUNT_STR) return AOR_NAME_TOO_LONG; @@ -112,7 +125,7 @@ AccountOpResult ChangeUsername(uint32 accountId, std::string newUsername, std::s normalizeString(newUsername); normalizeString(newPassword); - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_USERNAME); + stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_USERNAME); stmt->setString(0, newUsername); stmt->setString(1, CalculateShaPassHash(newUsername, newPassword)); @@ -148,28 +161,38 @@ AccountOpResult ChangePassword(uint32 accountId, std::string newPassword) uint32 GetId(std::string username) { - LoginDatabase.EscapeString(username); - QueryResult result = LoginDatabase.PQuery("SELECT id FROM account WHERE username = '%s'", username.c_str()); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_ACCOUNT_ID_BY_USERNAME); + stmt->setString(0, username); + PreparedQueryResult result = LoginDatabase.Query(stmt); + return (result) ? (*result)[0].GetUInt32() : 0; } uint32 GetSecurity(uint32 accountId) { - QueryResult result = LoginDatabase.PQuery("SELECT gmlevel FROM account_access WHERE id = '%u'", accountId); - return (result) ? (*result)[0].GetUInt32() : 0; + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_ACCOUNT_ACCESS_GMLEVEL); + stmt->setUInt32(0, accountId); + PreparedQueryResult result = LoginDatabase.Query(stmt); + + return (result) ? (*result)[0].GetUInt32() : SEC_PLAYER; } -uint32 GetSecurity(uint64 accountId, int32 realmId) +uint32 GetSecurity(uint32 accountId, int32 realmId) { - QueryResult result = (realmId == -1) - ? LoginDatabase.PQuery("SELECT gmlevel FROM account_access WHERE id = '%u' AND RealmID = '%d'", accountId, realmId) - : LoginDatabase.PQuery("SELECT gmlevel FROM account_access WHERE id = '%u' AND (RealmID = '%d' OR RealmID = '-1')", accountId, realmId); - return (result) ? (*result)[0].GetUInt32() : 0; + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_GMLEVEL_BY_REALMID); + stmt->setUInt32(0, accountId); + stmt->setInt32(1, realmId); + PreparedQueryResult result = LoginDatabase.Query(stmt); + + return (result) ? (*result)[0].GetUInt32() : SEC_PLAYER; } bool GetName(uint32 accountId, std::string& name) { - QueryResult result = LoginDatabase.PQuery("SELECT username FROM account WHERE id = '%u'", accountId); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_USERNAME_BY_ID); + stmt->setUInt32(0, accountId); + PreparedQueryResult result = LoginDatabase.Query(stmt); + if (result) { name = (*result)[0].GetString(); @@ -189,14 +212,21 @@ bool CheckPassword(uint32 accountId, std::string password) normalizeString(username); normalizeString(password); - QueryResult result = LoginDatabase.PQuery("SELECT 1 FROM account WHERE id='%d' AND sha_pass_hash='%s'", accountId, CalculateShaPassHash(username, password).c_str()); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_CHECK_PASSWORD); + stmt->setUInt32(0, accountId); + stmt->setString(1, CalculateShaPassHash(username, password)); + PreparedQueryResult result = LoginDatabase.Query(stmt); + return (result) ? true : false; } uint32 GetCharactersCount(uint32 accountId) { // check character count - QueryResult result = CharacterDatabase.PQuery("SELECT COUNT(guid) FROM characters WHERE account = '%d'", accountId); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_SUM_CHARS); + stmt->setUInt32(0, accountId); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + return (result) ? (*result)[0].GetUInt32() : 0; } diff --git a/src/server/game/Accounts/AccountMgr.h b/src/server/game/Accounts/AccountMgr.h index 467972cdf65..c69f3c0a6f3 100755 --- a/src/server/game/Accounts/AccountMgr.h +++ b/src/server/game/Accounts/AccountMgr.h @@ -44,7 +44,7 @@ namespace AccountMgr uint32 GetId(std::string username); uint32 GetSecurity(uint32 accountId); - uint32 GetSecurity(uint64 accountId, int32 realmId); + uint32 GetSecurity(uint32 accountId, int32 realmId); bool GetName(uint32 accountId, std::string& name); uint32 GetCharactersCount(uint32 accountId); std::string CalculateShaPassHash(std::string& name, std::string& password); diff --git a/src/server/game/AuctionHouse/AuctionHouseMgr.cpp b/src/server/game/AuctionHouse/AuctionHouseMgr.cpp index a2e958d680f..38a5a49f7a5 100644 --- a/src/server/game/AuctionHouse/AuctionHouseMgr.cpp +++ b/src/server/game/AuctionHouse/AuctionHouseMgr.cpp @@ -482,7 +482,9 @@ void AuctionHouseObject::Update() if (AuctionsMap.empty()) return; - QueryResult result = CharacterDatabase.PQuery("SELECT id FROM auctionhouse WHERE time <= %u ORDER BY TIME ASC", (uint32)curTime+60); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_AUCTION_BY_TIME); + stmt->setUInt32(0, (uint32)curTime+60); + PreparedQueryResult result = CharacterDatabase.Query(stmt); if (!result) return; diff --git a/src/server/game/Chat/Chat.cpp b/src/server/game/Chat/Chat.cpp index a6596de25d6..21abae2d91a 100755 --- a/src/server/game/Chat/Chat.cpp +++ b/src/server/game/Chat/Chat.cpp @@ -444,7 +444,10 @@ ChatCommand* ChatHandler::getCommandTable() added += appendCommandTable(commandTableCache + added, *it); } - QueryResult result = WorldDatabase.Query("SELECT name, security, help FROM command"); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_COMMANDS); + + PreparedQueryResult result = WorldDatabase.Query(stmt); + if (result) { do diff --git a/src/server/game/Chat/Chat.h b/src/server/game/Chat/Chat.h index 2311f4b8e5e..0a39eb43ddb 100755 --- a/src/server/game/Chat/Chat.h +++ b/src/server/game/Chat/Chat.h @@ -350,8 +350,8 @@ class ChatHandler bool HandleSaveAllCommand(const char* args); // Utility methods for commands - bool LookupPlayerSearchCommand(QueryResult result, int32 limit); - bool HandleBanListHelper(QueryResult result); + bool LookupPlayerSearchCommand(PreparedQueryResult result, int32 limit); + bool HandleBanListHelper(PreparedQueryResult result); bool HandleBanHelper(BanMode mode, char const* args); bool HandleBanInfoHelper(uint32 accountid, char const* accountname); bool HandleUnBanHelper(BanMode mode, char const* args); diff --git a/src/server/game/Chat/Commands/Level2.cpp b/src/server/game/Chat/Commands/Level2.cpp index c973ebe272b..816049ebfbc 100755 --- a/src/server/game/Chat/Commands/Level2.cpp +++ b/src/server/game/Chat/Commands/Level2.cpp @@ -266,18 +266,18 @@ bool ChatHandler::HandlePInfoCommand(const char* args) else if (!extractPlayerTarget((char*)args, &target, &target_guid, &target_name)) return false; - uint32 accId = 0; - uint32 money = 0; + uint32 accId = 0; + uint32 money = 0; uint32 total_player_time = 0; - uint8 level = 0; - uint32 latency = 0; + uint8 level = 0; + uint32 latency = 0; uint8 race; uint8 Class; - int64 muteTime = 0; - int64 banTime = -1; + int64 muteTime = 0; + int64 banTime = -1; uint32 mapId; uint32 areaId; - uint32 phase = 0; + uint32 phase = 0; // get additional information from Player object if (target) @@ -286,17 +286,17 @@ bool ChatHandler::HandlePInfoCommand(const char* args) if (HasLowerSecurity(target, 0)) return false; - accId = target->GetSession()->GetAccountId(); - money = target->GetMoney(); + accId = target->GetSession()->GetAccountId(); + money = target->GetMoney(); total_player_time = target->GetTotalPlayedTime(); - level = target->getLevel(); - latency = target->GetSession()->GetLatency(); - race = target->getRace(); - Class = target->getClass(); - muteTime = target->GetSession()->m_muteTime; - mapId = target->GetMapId(); - areaId = target->GetAreaId(); - phase = target->GetPhaseMask(); + level = target->getLevel(); + latency = target->GetSession()->GetLatency(); + race = target->getRace(); + Class = target->getClass(); + muteTime = target->GetSession()->m_muteTime; + mapId = target->GetMapId(); + areaId = target->GetAreaId(); + phase = target->GetPhaseMask(); } // get additional information from DB else @@ -305,41 +305,42 @@ bool ChatHandler::HandlePInfoCommand(const char* args) if (HasLowerSecurity(NULL, target_guid)) return false; - // 0 1 2 3 4 5 6 7 - QueryResult result = CharacterDatabase.PQuery("SELECT totaltime, level, money, account, race, class, map, zone FROM characters " - "WHERE guid = '%u'", GUID_LOPART(target_guid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_PINFO); + stmt->setUInt32(0, GUID_LOPART(target_guid)); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (!result) return false; - Field* fields = result->Fetch(); + Field* fields = result->Fetch(); total_player_time = fields[0].GetUInt32(); - level = fields[1].GetUInt32(); - money = fields[2].GetUInt32(); - accId = fields[3].GetUInt32(); - race = fields[4].GetUInt8(); - Class = fields[5].GetUInt8(); - mapId = fields[6].GetUInt16(); - areaId = fields[7].GetUInt16(); + level = fields[1].GetUInt32(); + money = fields[2].GetUInt32(); + accId = fields[3].GetUInt32(); + race = fields[4].GetUInt8(); + Class = fields[5].GetUInt8(); + mapId = fields[6].GetUInt16(); + areaId = fields[7].GetUInt16(); } - std::string username = GetTrinityString(LANG_ERROR); - std::string email = GetTrinityString(LANG_ERROR); - std::string last_ip = GetTrinityString(LANG_ERROR); - uint32 security = 0; + std::string username = GetTrinityString(LANG_ERROR); + std::string email = GetTrinityString(LANG_ERROR); + std::string last_ip = GetTrinityString(LANG_ERROR); + uint32 security = 0; std::string last_login = GetTrinityString(LANG_ERROR); - QueryResult result = LoginDatabase.PQuery("SELECT a.username, aa.gmlevel, a.email, a.last_ip, a.last_login, a.mutetime " - "FROM account a " - "LEFT JOIN account_access aa " - "ON (a.id = aa.id AND (aa.RealmID = -1 OR aa.RealmID = %u)) " - "WHERE a.id = '%u'", realmID, accId); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_PINFO); + stmt->setInt32(0, int32(realmID)); + stmt->setUInt32(1, accId); + PreparedQueryResult result = LoginDatabase.Query(stmt); + if (result) { Field* fields = result->Fetch(); - username = fields[0].GetString(); - security = fields[1].GetUInt32(); - email = fields[2].GetString(); - muteTime = fields[5].GetUInt64(); + username = fields[0].GetString(); + security = fields[1].GetUInt32(); + email = fields[2].GetString(); + muteTime = fields[5].GetUInt64(); if (email.empty()) email = "-"; @@ -354,8 +355,13 @@ bool ChatHandler::HandlePInfoCommand(const char* args) EndianConvertReverse(ip); #endif - if (QueryResult result2 = WorldDatabase.PQuery("SELECT c.country FROM ip2nationCountries c, ip2nation i WHERE " - "i.ip < %u AND c.code = i.country ORDER BY i.ip DESC LIMIT 0,1", ip)) + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_IP2NATION_COUNTRY); + + stmt->setUInt32(0, ip); + + PreparedQueryResult result2 = WorldDatabase.Query(stmt); + + if (result2) { Field* fields2 = result2->Fetch(); last_ip.append(" ("); @@ -376,21 +382,23 @@ bool ChatHandler::HandlePInfoCommand(const char* args) std::string bannedby = "unknown"; std::string banreason = ""; - if (QueryResult result2 = LoginDatabase.PQuery("SELECT unbandate, bandate = unbandate, bannedby, banreason FROM account_banned " - "WHERE id = '%u' AND active ORDER BY bandate ASC LIMIT 1", accId)) + + stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_PINFO_BANS); + stmt->setUInt32(0, accId); + PreparedQueryResult result2 = LoginDatabase.Query(stmt); + if (!result2) { - Field* fields = result2->Fetch(); - banTime = fields[1].GetBool() ? 0 : fields[0].GetUInt64(); - bannedby = fields[2].GetString(); - banreason = fields[3].GetString(); + stmt = LoginDatabase.GetPreparedStatement(CHAR_SEL_PINFO_BANS); + stmt->setUInt32(0, GUID_LOPART(target_guid)); + result2 = LoginDatabase.Query(stmt); } - else if (QueryResult result3 = CharacterDatabase.PQuery("SELECT unbandate, bandate = unbandate, bannedby, banreason FROM character_banned " - "WHERE guid = '%u' AND active ORDER BY bandate ASC LIMIT 1", GUID_LOPART(target_guid))) + + if (result2) { - Field* fields = result3->Fetch(); - banTime = fields[1].GetBool() ? 0 : fields[0].GetUInt64(); - bannedby = fields[2].GetString(); - banreason = fields[3].GetString(); + Field* fields = result->Fetch(); + banTime = fields[1].GetBool() ? 0 : fields[0].GetUInt64(); + bannedby = fields[2].GetString(); + banreason = fields[3].GetString(); } if (muteTime > 0) @@ -741,9 +749,9 @@ bool ChatHandler::HandleLookupPlayerIpCommand(const char* args) limit = limit_str ? atoi (limit_str) : -1; } - LoginDatabase.EscapeString(ip); - - QueryResult result = LoginDatabase.PQuery("SELECT id, username FROM account WHERE last_ip = '%s'", ip.c_str()); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_BY_IP); + stmt->setString(0, ip); + PreparedQueryResult result = LoginDatabase.Query(stmt); return LookupPlayerSearchCommand(result, limit); } @@ -760,9 +768,9 @@ bool ChatHandler::HandleLookupPlayerAccountCommand(const char* args) if (!AccountMgr::normalizeString (account)) return false; - LoginDatabase.EscapeString (account); - - QueryResult result = LoginDatabase.PQuery ("SELECT id, username FROM account WHERE username = '%s'", account.c_str ()); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_LIST_BY_NAME); + stmt->setString(0, account); + PreparedQueryResult result = LoginDatabase.Query(stmt); return LookupPlayerSearchCommand (result, limit); } @@ -776,14 +784,14 @@ bool ChatHandler::HandleLookupPlayerEmailCommand(const char* args) char* limit_str = strtok (NULL, " "); int32 limit = limit_str ? atoi (limit_str) : -1; - LoginDatabase.EscapeString (email); - - QueryResult result = LoginDatabase.PQuery ("SELECT id, username FROM account WHERE email = '%s'", email.c_str ()); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_LIST_BY_EMAIL); + stmt->setString(0, email); + PreparedQueryResult result = LoginDatabase.Query(stmt); return LookupPlayerSearchCommand(result, limit); } -bool ChatHandler::LookupPlayerSearchCommand(QueryResult result, int32 limit) +bool ChatHandler::LookupPlayerSearchCommand(PreparedQueryResult result, int32 limit) { if (!result) { @@ -807,8 +815,11 @@ bool ChatHandler::LookupPlayerSearchCommand(QueryResult result, int32 limit) uint32 acc_id = fields[0].GetUInt32(); std::string acc_name = fields[1].GetString(); - QueryResult chars = CharacterDatabase.PQuery("SELECT guid, name FROM characters WHERE account = '%u'", acc_id); - if (chars) + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_GUID_NAME_BY_ACC); + stmt->setUInt32(0, acc_id); + PreparedQueryResult result2 = CharacterDatabase.Query(stmt); + + if (result2) { PSendSysMessage(LANG_LOOKUP_PLAYER_ACCOUNT, acc_name.c_str(), acc_id); @@ -817,14 +828,14 @@ bool ChatHandler::LookupPlayerSearchCommand(QueryResult result, int32 limit) do { - Field* charfields = chars->Fetch(); + Field* charfields = result2->Fetch(); guid = charfields[0].GetUInt64(); name = charfields[1].GetString(); PSendSysMessage(LANG_LOOKUP_PLAYER_CHARACTER, name.c_str(), guid); ++i; - } while (chars->NextRow() && (limit == -1 || i < limit)); + } while (result2->NextRow() && (limit == -1 || i < limit)); } } while (result->NextRow()); diff --git a/src/server/game/Chat/Commands/Level3.cpp b/src/server/game/Chat/Commands/Level3.cpp index 0b7bbf9e7ba..561c5059bad 100755 --- a/src/server/game/Chat/Commands/Level3.cpp +++ b/src/server/game/Chat/Commands/Level3.cpp @@ -225,7 +225,11 @@ bool ChatHandler::HandleAddItemCommand(const char *args) { std::string itemName = citemName+1; WorldDatabase.EscapeString(itemName); - QueryResult result = WorldDatabase.PQuery("SELECT entry FROM item_template WHERE name = '%s'", itemName.c_str()); + + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_ITEM_TEMPLATE_BY_NAME); + stmt->setString(0, itemName); + PreparedQueryResult result = WorldDatabase.Query(stmt); + if (!result) { PSendSysMessage(LANG_COMMAND_COULDNOTFIND, citemName+1); @@ -413,22 +417,22 @@ bool ChatHandler::HandleListItemCommand(const char *args) return false; uint32 count = uint32(_count); - QueryResult result; + PreparedQueryResult result; // inventory case uint32 inv_count = 0; - result = CharacterDatabase.PQuery("SELECT COUNT(itemEntry) FROM character_inventory ci INNER JOIN item_instance ii ON ii.guid = ci.item WHERE itemEntry = '%u'", item_id); + + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_INVENTORY_COUNT_ITEM); + stmt->setUInt32(0, item_id); + result = CharacterDatabase.Query(stmt); + if (result) inv_count = (*result)[0].GetUInt32(); - result=CharacterDatabase.PQuery( - // 0 1 2 3 4 5 - "SELECT ci.item, cb.slot AS bag, ci.slot, ci.guid, c.account, c.name FROM characters c " - "INNER JOIN character_inventory ci ON ci.guid = c.guid " - "INNER JOIN item_instance ii ON ii.guid = ci.item " - "LEFT JOIN character_inventory cb ON cb.item = ci.bag " - "WHERE ii.itemEntry = '%u' LIMIT %u ", - item_id, count); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_INVENTORY_ITEM_BY_ENTRY); + stmt->setUInt32(0, item_id); + stmt->setUInt32(1, count); + result = CharacterDatabase.Query(stmt); if (result) { @@ -466,24 +470,23 @@ bool ChatHandler::HandleListItemCommand(const char *args) // mail case uint32 mail_count = 0; - result = CharacterDatabase.PQuery("SELECT COUNT(itemEntry) FROM mail_items mi INNER JOIN item_instance ii ON ii.guid = mi.item_guid WHERE itemEntry = '%u'", item_id); + + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_MAIL_COUNT_ITEM); + stmt->setUInt32(0, item_id); + result = CharacterDatabase.Query(stmt); + if (result) mail_count = (*result)[0].GetUInt32(); if (count > 0) { - result = CharacterDatabase.PQuery( - // 0 1 2 3 4 5 6 - "SELECT mi.item_guid, m.sender, m.receiver, cs.account, cs.name, cr.account, cr.name FROM mail m " - "INNER JOIN mail_items mi ON mi.mail_id = m.id " - "INNER JOIN item_instance ii ON ii.guid = mi.item_guid " - "INNER JOIN characters cs ON cs.guid = m.sender " - "INNER JOIN characters cr ON cr.guid = m.receiver " - "WHERE ii.itemEntry = '%u' LIMIT %u", - item_id, count); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_MAIL_ITEMS_BY_ENTRY); + stmt->setUInt32(0, item_id); + stmt->setUInt32(1, count); + result = CharacterDatabase.Query(stmt); } else - result = QueryResult(NULL); + result = PreparedQueryResult(NULL); if (result) { @@ -514,21 +517,23 @@ bool ChatHandler::HandleListItemCommand(const char *args) // auction case uint32 auc_count = 0; - result=CharacterDatabase.PQuery("SELECT COUNT(itemEntry) FROM auctionhouse ah INNER JOIN item_instance ii ON ii.guid = ah.itemguid WHERE itemEntry = '%u'", item_id); + + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_AUCTIONHOUSE_COUNT_ITEM); + stmt->setUInt32(0, item_id); + result = CharacterDatabase.Query(stmt); + if (result) auc_count = (*result)[0].GetUInt32(); if (count > 0) { - result = CharacterDatabase.PQuery( - // 0 1 2 3 - "SELECT ah.itemguid, ah.itemowner, c.account, c.name FROM auctionhouse ah " - "INNER JOIN characters c ON c.guid = ah.itemowner " - "INNER JOIN item_instance ii ON ii.guid = ah.itemguid " - "WHERE ii.itemEntry = '%u' LIMIT %u", item_id, count); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_AUCTIONHOUSE_ITEM_BY_ENTRY); + stmt->setUInt32(0, item_id); + stmt->setUInt32(1, count); + result = CharacterDatabase.Query(stmt); } else - result = QueryResult(NULL); + result = PreparedQueryResult(NULL); if (result) { @@ -549,17 +554,18 @@ bool ChatHandler::HandleListItemCommand(const char *args) // guild bank case uint32 guild_count = 0; - result = CharacterDatabase.PQuery("SELECT COUNT(itemEntry) FROM guild_bank_item gbi INNER JOIN item_instance ii ON ii.guid = gbi.item_guid WHERE itemEntry = '%u'", item_id); + + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_GUILD_BANK_COUNT_ITEM); + stmt->setUInt32(0, item_id); + result = CharacterDatabase.Query(stmt); + if (result) guild_count = (*result)[0].GetUInt32(); - result = CharacterDatabase.PQuery( - // 0 1 2 - "SELECT gi.item_guid, gi.guildid, g.name FROM guild_bank_item gi " - "INNER JOIN guild g ON g.guildid = gi.guildid " - "INNER JOIN item_instance ii ON ii.guid = gi.item_guid " - "WHERE ii.itemEntry = '%u' LIMIT %u ", - item_id, count); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_GUILD_BANK_ITEM_BY_ENTRY); + stmt->setUInt32(0, item_id); + stmt->setUInt32(1, count); + result = CharacterDatabase.Query(stmt); if (result) { @@ -3220,7 +3226,7 @@ bool ChatHandler::HandleBanListCharacterCommand(const char *args) std::string filter(cFilter); PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_GUID_BY_NAME_FILTER); - stmt->setString(0, filter.c_str()); + stmt->setString(0, filter); PreparedQueryResult result = CharacterDatabase.Query(stmt); if (!result) { @@ -3302,20 +3308,22 @@ bool ChatHandler::HandleBanListAccountCommand(const char *args) char* cFilter = strtok((char*)args, " "); std::string filter = cFilter ? cFilter : ""; - LoginDatabase.EscapeString(filter); - QueryResult result; + PreparedQueryResult result; if (filter.empty()) { - result = LoginDatabase.Query("SELECT account.id, username FROM account, account_banned" - " WHERE account.id = account_banned.id AND active = 1 GROUP BY account.id"); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_BANNED_ALL); + + result = LoginDatabase.Query(stmt); } else { - result = LoginDatabase.PQuery("SELECT account.id, username FROM account, account_banned" - " WHERE account.id = account_banned.id AND active = 1 AND username "_LIKE_" "_CONCAT3_("'%%'", "'%s'", "'%%'")" GROUP BY account.id", - filter.c_str()); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_BANNED_BY_USERNAME); + + stmt->setString(0, filter); + + result = LoginDatabase.Query(stmt); } if (!result) @@ -3327,7 +3335,7 @@ bool ChatHandler::HandleBanListAccountCommand(const char *args) return HandleBanListHelper(result); } -bool ChatHandler::HandleBanListHelper(QueryResult result) +bool ChatHandler::HandleBanListHelper(PreparedQueryResult result) { PSendSysMessage(LANG_BANLIST_MATCHINGACCOUNT); @@ -3410,19 +3418,21 @@ bool ChatHandler::HandleBanListIPCommand(const char *args) std::string filter = cFilter ? cFilter : ""; LoginDatabase.EscapeString(filter); - QueryResult result; + PreparedQueryResult result; if (filter.empty()) { - result = LoginDatabase.Query ("SELECT ip, bandate, unbandate, bannedby, banreason FROM ip_banned" - " WHERE (bandate=unbandate OR unbandate>UNIX_TIMESTAMP())" - " ORDER BY unbandate"); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_IP_BANNED_ALL); + + result = LoginDatabase.Query(stmt); } else { - result = LoginDatabase.PQuery("SELECT ip, bandate, unbandate, bannedby, banreason FROM ip_banned" - " WHERE (bandate=unbandate OR unbandate>UNIX_TIMESTAMP()) AND ip "_LIKE_" "_CONCAT3_("'%%'", "'%s'", "'%%'") - " ORDER BY unbandate", filter.c_str()); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_IP_BANNED_BY_IP); + + stmt->setString(0, filter); + + result = LoginDatabase.Query(stmt); } if (!result) @@ -4619,8 +4629,11 @@ bool ChatHandler::HandleUnFreezeCommand(const char *args) { if (TargetName) { - //check for offline players - QueryResult result = CharacterDatabase.PQuery("SELECT characters.guid FROM characters WHERE characters.name = '%s'", name.c_str()); + // Check for offline players + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_GUID_BY_NAME); + stmt->setString(0, name); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (!result) { SendSysMessage(LANG_COMMAND_FREEZE_WRONG); @@ -4630,7 +4643,10 @@ bool ChatHandler::HandleUnFreezeCommand(const char *args) Field* fields=result->Fetch(); uint64 pguid = fields[0].GetUInt64(); - CharacterDatabase.PQuery("DELETE FROM character_aura WHERE character_aura.spell = 9454 AND character_aura.guid = '%u'", pguid); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_DEL_CHAR_AURA_FROZEN); + stmt->setUInt32(0, pguid); + CharacterDatabase.Execute(stmt); + PSendSysMessage(LANG_COMMAND_UNFREEZE, name.c_str()); return true; } @@ -4646,8 +4662,11 @@ bool ChatHandler::HandleUnFreezeCommand(const char *args) bool ChatHandler::HandleListFreezeCommand(const char * /*args*/) { - //Get names from DB - QueryResult result = CharacterDatabase.Query("SELECT characters.name FROM characters LEFT JOIN character_aura ON (characters.guid = character_aura.guid) WHERE character_aura.spell = 9454"); + // Get names from DB + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHARACTER_AURA_FROZEN); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (!result) { SendSysMessage(LANG_COMMAND_NO_FROZEN_PLAYERS); diff --git a/src/server/game/Entities/Pet/Pet.cpp b/src/server/game/Entities/Pet/Pet.cpp index 1a3c1a3fbb3..cad38d5c23f 100755 --- a/src/server/game/Entities/Pet/Pet.cpp +++ b/src/server/game/Entities/Pet/Pet.cpp @@ -97,30 +97,42 @@ bool Pet::LoadPetFromDB(Player* owner, uint32 petentry, uint32 petnumber, bool c uint32 ownerid = owner->GetGUIDLow(); - QueryResult result; + PreparedStatement* stmt; + PreparedQueryResult result; if (petnumber) - // known petnumber entry 0 1 2(?) 3 4 5 6 7 8 9 10 11 12 13 14 15 16 - result = CharacterDatabase.PQuery("SELECT id, entry, owner, modelid, level, exp, Reactstate, slot, name, renamed, curhealth, curmana, curhappiness, abdata, savetime, CreatedBySpell, PetType " - "FROM character_pet WHERE owner = '%u' AND id = '%u'", - ownerid, petnumber); + { + // Known petnumber entry + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_PET_BY_ENTRY); + stmt->setUInt32(0, ownerid); + stmt->setUInt8(1, uint8(petnumber)); + } else if (current) - // current pet (slot 0) 0 1 2(?) 3 4 5 6 7 8 9 10 11 12 13 14 15 16 - result = CharacterDatabase.PQuery("SELECT id, entry, owner, modelid, level, exp, Reactstate, slot, name, renamed, curhealth, curmana, curhappiness, abdata, savetime, CreatedBySpell, PetType " - "FROM character_pet WHERE owner = '%u' AND slot = '%u'", - ownerid, PET_SAVE_AS_CURRENT); + { + // Current pet (slot 0) + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_PET_BY_ENTRY); + stmt->setUInt32(0, ownerid); + stmt->setUInt8(1, uint8(PET_SAVE_AS_CURRENT)); + } else if (petentry) + { // known petentry entry (unique for summoned pet, but non unique for hunter pet (only from current or not stabled pets) - // 0 1 2(?) 3 4 5 6 7 8 9 10 11 12 13 14 15 16 - result = CharacterDatabase.PQuery("SELECT id, entry, owner, modelid, level, exp, Reactstate, slot, name, renamed, curhealth, curmana, curhappiness, abdata, savetime, CreatedBySpell, PetType " - "FROM character_pet WHERE owner = '%u' AND entry = '%u' AND (slot = '%u' OR slot > '%u') ", - ownerid, petentry, PET_SAVE_AS_CURRENT, PET_SAVE_LAST_STABLE_SLOT); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_PET_BY_ENTRY_AND_SLOT); + stmt->setUInt32(0, ownerid); + stmt->setUInt32(1, petentry); + stmt->setUInt8(2, uint8(PET_SAVE_AS_CURRENT)); + stmt->setUInt8(3, uint8(PET_SAVE_LAST_STABLE_SLOT)); + } else - // any current or other non-stabled pet (for hunter "call pet") - // 0 1 2(?) 3 4 5 6 7 8 9 10 11 12 13 14 15 16 - result = CharacterDatabase.PQuery("SELECT id, entry, owner, modelid, level, exp, Reactstate, slot, name, renamed, curhealth, curmana, curhappiness, abdata, savetime, CreatedBySpell, PetType " - "FROM character_pet WHERE owner = '%u' AND (slot = '%u' OR slot > '%u') ", - ownerid, PET_SAVE_AS_CURRENT, PET_SAVE_LAST_STABLE_SLOT); + { + // Any current or other non-stabled pet (for hunter "call pet") + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_PET_BY_SLOT); + stmt->setUInt32(0, ownerid); + stmt->setUInt8(1, uint8(PET_SAVE_AS_CURRENT)); + stmt->setUInt8(2, uint8(PET_SAVE_LAST_STABLE_SLOT)); + } + + result = CharacterDatabase.Query(stmt); if (!result) { @@ -310,7 +322,10 @@ bool Pet::LoadPetFromDB(Player* owner, uint32 petentry, uint32 petnumber, bool c if (getPetType() == HUNTER_PET) { - result = CharacterDatabase.PQuery("SELECT genitive, dative, accusative, instrumental, prepositional FROM character_pet_declinedname WHERE owner = '%u' AND id = '%u'", owner->GetGUIDLow(), GetCharmInfo()->GetPetNumber()); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PET_DECLINED_NAME); + stmt->setUInt32(0, owner->GetGUIDLow()); + stmt->setUInt32(1, GetCharmInfo()->GetPetNumber()); + PreparedQueryResult result = CharacterDatabase.Query(stmt); if (result) { @@ -1037,7 +1052,9 @@ void Pet::_LoadSpellCooldowns() m_CreatureSpellCooldowns.clear(); m_CreatureCategoryCooldowns.clear(); - QueryResult result = CharacterDatabase.PQuery("SELECT spell, time FROM pet_spell_cooldown WHERE guid = '%u'", m_charmInfo->GetPetNumber()); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PET_SPELL_COOLDOWN); + stmt->setUInt32(0, m_charmInfo->GetPetNumber()); + PreparedQueryResult result = CharacterDatabase.Query(stmt); if (result) { @@ -1099,7 +1116,9 @@ void Pet::_SaveSpellCooldowns(SQLTransaction& trans) void Pet::_LoadSpells() { - QueryResult result = CharacterDatabase.PQuery("SELECT spell, active FROM pet_spell WHERE guid = '%u'", m_charmInfo->GetPetNumber()); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PET_SPELL); + stmt->setUInt32(0, m_charmInfo->GetPetNumber()); + PreparedQueryResult result = CharacterDatabase.Query(stmt); if (result) { @@ -1147,7 +1166,9 @@ void Pet::_LoadAuras(uint32 timediff) { sLog->outDebug(LOG_FILTER_PETS, "Loading auras for pet %u", GetGUIDLow()); - QueryResult result = CharacterDatabase.PQuery("SELECT caster_guid, spell, effect_mask, recalculate_mask, stackcount, amount0, amount1, amount2, base_amount0, base_amount1, base_amount2, maxduration, remaintime, remaincharges FROM pet_aura WHERE guid = '%u'", m_charmInfo->GetPetNumber()); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PET_AURA); + stmt->setUInt32(0, m_charmInfo->GetPetNumber()); + PreparedQueryResult result = CharacterDatabase.Query(stmt); if (result) { @@ -1630,18 +1651,19 @@ void Pet::resetTalentsForAllPetsOf(Player* owner, Pet* online_pet /*= NULL*/) // now need only reset for offline pets (all pets except online case) uint32 except_petnumber = online_pet ? online_pet->GetCharmInfo()->GetPetNumber() : 0; - QueryResult resultPets = CharacterDatabase.PQuery( - "SELECT id FROM character_pet WHERE owner = '%u' AND id <> '%u'", - owner->GetGUIDLow(), except_petnumber); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_PET); + stmt->setUInt32(0, owner->GetGUIDLow()); + stmt->setUInt32(1, except_petnumber); + PreparedQueryResult resultPets = CharacterDatabase.Query(stmt); // no offline pets if (!resultPets) return; - QueryResult result = CharacterDatabase.PQuery( - "SELECT DISTINCT pet_spell.spell FROM pet_spell, character_pet " - "WHERE character_pet.owner = '%u' AND character_pet.id = pet_spell.guid AND character_pet.id <> %u", - owner->GetGUIDLow(), except_petnumber); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PET_SPELL_LIST); + stmt->setUInt32(0, owner->GetGUIDLow()); + stmt->setUInt32(0, except_petnumber); + PreparedQueryResult result = CharacterDatabase.Query(stmt); if (!result) return; diff --git a/src/server/game/Entities/Player/Player.cpp b/src/server/game/Entities/Player/Player.cpp index bd5b1010f45..4cb759cc7f0 100755 --- a/src/server/game/Entities/Player/Player.cpp +++ b/src/server/game/Entities/Player/Player.cpp @@ -4787,7 +4787,10 @@ void Player::DeleteFromDB(uint64 playerguid, uint32 accountId, bool updateRealmC LeaveAllArenaTeams(playerguid); // the player was uninvited already on logout so just remove from group - QueryResult resultGroup = CharacterDatabase.PQuery("SELECT guid FROM group_member WHERE memberGuid=%u", guid); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_GROUP_MEMBER); + stmt->setUInt32(0, guid); + PreparedQueryResult resultGroup = CharacterDatabase.Query(stmt); + if (resultGroup) if (Group* group = sGroupMgr->GetGroupByDbStoreId((*resultGroup)[0].GetUInt32())) RemoveFromGroup(group, playerguid); @@ -4801,8 +4804,11 @@ void Player::DeleteFromDB(uint64 playerguid, uint32 accountId, bool updateRealmC case CHAR_DELETE_REMOVE: { SQLTransaction trans = CharacterDatabase.BeginTransaction(); - // Return back all mails with COD and Item 0 1 2 3 4 5 6 7 - QueryResult resultMail = CharacterDatabase.PQuery("SELECT id, messageType, mailTemplateId, sender, subject, body, money, has_items FROM mail WHERE receiver='%u' AND has_items<>0 AND cod<>0", guid); + + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_COD_ITEM_MAIL); + stmt->setUInt32(0, guid); + PreparedQueryResult resultMail = CharacterDatabase.Query(stmt); + if (resultMail) { do @@ -4882,7 +4888,11 @@ void Player::DeleteFromDB(uint64 playerguid, uint32 accountId, bool updateRealmC // Unsummon and delete for pets in world is not required: player deleted from CLI or character list with not loaded pet. // NOW we can finally clear other DB data related to character - if (QueryResult resultPets = CharacterDatabase.PQuery("SELECT id FROM character_pet WHERE owner = '%u'", guid)) + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_PETS); + stmt->setUInt32(0, guid); + PreparedQueryResult resultPets = CharacterDatabase.Query(stmt); + + if (resultPets) { do { @@ -4892,7 +4902,11 @@ void Player::DeleteFromDB(uint64 playerguid, uint32 accountId, bool updateRealmC } // Delete char from social list of online chars - if (QueryResult resultFriends = CharacterDatabase.PQuery("SELECT DISTINCT guid FROM character_social WHERE friend = '%u'", guid)) + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_SOCIAL); + stmt->setUInt32(0, guid); + PreparedQueryResult resultFriends = CharacterDatabase.Query(stmt); + + if (resultFriends) { do { @@ -4996,15 +5010,19 @@ void Player::DeleteOldCharacters(uint32 keepDays) { sLog->outString("Player::DeleteOldChars: Deleting all characters which have been deleted %u days before...", keepDays); - QueryResult resultChars = CharacterDatabase.PQuery("SELECT guid, deleteInfos_Account FROM characters WHERE deleteDate IS NOT NULL AND deleteDate < '%u'", uint32(time(NULL) - time_t(keepDays * DAY))); - if (resultChars) + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_OLD_CHARS); + stmt->setUInt32(0, uint32(time(NULL) - time_t(keepDays * DAY))); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + + if (result) { - sLog->outString("Player::DeleteOldChars: Found " UI64FMTD " character(s) to delete", resultChars->GetRowCount()); + sLog->outString("Player::DeleteOldChars: Found " UI64FMTD " character(s) to delete", result->GetRowCount()); do { - Field* charFields = resultChars->Fetch(); - Player::DeleteFromDB(charFields[0].GetUInt64(), charFields[1].GetUInt32(), true, true); - } while (resultChars->NextRow()); + Field* fields = result->Fetch(); + Player::DeleteFromDB(fields[0].GetUInt64(), fields[1].GetUInt32(), true, true); + } + while (result->NextRow()); } } @@ -7274,7 +7292,10 @@ void Player::ModifyArenaPoints(int32 value, SQLTransaction* trans /*=NULL*/) uint32 Player::GetGuildIdFromDB(uint64 guid) { - QueryResult result = CharacterDatabase.PQuery("SELECT guildid FROM guild_member WHERE guid='%u'", GUID_LOPART(guid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_GUILD_MEMBER); + stmt->setUInt32(0, GUID_LOPART(guid)); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (!result) return 0; @@ -7284,10 +7305,13 @@ uint32 Player::GetGuildIdFromDB(uint64 guid) uint8 Player::GetRankFromDB(uint64 guid) { - QueryResult result = CharacterDatabase.PQuery("SELECT rank FROM guild_member WHERE guid='%u'", GUID_LOPART(guid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_GUILD_MEMBER); + stmt->setUInt32(0, GUID_LOPART(guid)); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (result) { - uint32 v = result->Fetch()[0].GetUInt8(); + uint32 v = result->Fetch()[1].GetUInt8(); return v; } else @@ -7296,7 +7320,11 @@ uint8 Player::GetRankFromDB(uint64 guid) uint32 Player::GetArenaTeamIdFromDB(uint64 guid, uint8 type) { - QueryResult result = CharacterDatabase.PQuery("SELECT arena_team_member.arenateamid FROM arena_team_member JOIN arena_team ON arena_team_member.arenateamid = arena_team.arenateamid WHERE guid='%u' AND type='%u' LIMIT 1", GUID_LOPART(guid), type); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_ARENA_TEAM_ID_BY_PLAYER_GUID); + stmt->setUInt32(0, GUID_LOPART(guid)); + stmt->setUInt8(1, type); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (!result) return 0; @@ -7307,7 +7335,10 @@ uint32 Player::GetArenaTeamIdFromDB(uint64 guid, uint8 type) uint32 Player::GetZoneIdFromDB(uint64 guid) { uint32 guidLow = GUID_LOPART(guid); - QueryResult result = CharacterDatabase.PQuery("SELECT zone FROM characters WHERE guid='%u'", guidLow); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_ZONE); + stmt->setUInt32(0, guidLow); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (!result) return 0; Field* fields = result->Fetch(); @@ -7316,7 +7347,10 @@ uint32 Player::GetZoneIdFromDB(uint64 guid) if (!zone) { // stored zone is zero, use generic and slow zone detection - result = CharacterDatabase.PQuery("SELECT map, position_x, position_y, position_z FROM characters WHERE guid='%u'", guidLow); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_POSITION_XYZ); + stmt->setUInt32(0, guidLow); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (!result) return 0; fields = result->Fetch(); @@ -7343,7 +7377,10 @@ uint32 Player::GetZoneIdFromDB(uint64 guid) uint32 Player::GetLevelFromDB(uint64 guid) { - QueryResult result = CharacterDatabase.PQuery("SELECT level FROM characters WHERE guid='%u'", GUID_LOPART(guid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_LEVEL); + stmt->setUInt32(0, GUID_LOPART(guid)); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (!result) return 0; @@ -16537,7 +16574,10 @@ void Player::_LoadBGData(PreparedQueryResult result) bool Player::LoadPositionFromDB(uint32& mapid, float& x, float& y, float& z, float& o, bool& in_flight, uint64 guid) { - QueryResult result = CharacterDatabase.PQuery("SELECT position_x, position_y, position_z, orientation, map, taxi_path FROM characters WHERE guid = '%u'", GUID_LOPART(guid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_POSITION); + stmt->setUInt32(0, GUID_LOPART(guid)); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (!result) return false; @@ -17723,27 +17763,31 @@ void Player::_LoadMailInit(PreparedQueryResult resultUnread, PreparedQueryResult void Player::_LoadMail() { m_mail.clear(); - //mails are in right order 0 1 2 3 4 5 6 7 8 9 10 11 12 13 - QueryResult result = CharacterDatabase.PQuery("SELECT id, messageType, sender, receiver, subject, body, has_items, expire_time, deliver_time, money, cod, checked, stationery, mailTemplateId FROM mail WHERE receiver = '%u' ORDER BY id DESC", GetGUIDLow()); + + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_MAIL); + stmt->setUInt32(0, GetGUIDLow()); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (result) { do { Field* fields = result->Fetch(); Mail* m = new Mail; - m->messageID = fields[0].GetUInt32(); - m->messageType = fields[1].GetUInt8(); - m->sender = fields[2].GetUInt32(); - m->receiver = fields[3].GetUInt32(); - m->subject = fields[4].GetString(); - m->body = fields[5].GetString(); - bool has_items = fields[6].GetBool(); - m->expire_time = time_t(fields[7].GetUInt32()); - m->deliver_time = time_t(fields[8].GetUInt32()); - m->money = fields[9].GetUInt32(); - m->COD = fields[10].GetUInt32(); - m->checked = fields[11].GetUInt32(); - m->stationery = fields[12].GetUInt8(); + + m->messageID = fields[0].GetUInt32(); + m->messageType = fields[1].GetUInt8(); + m->sender = fields[2].GetUInt32(); + m->receiver = fields[3].GetUInt32(); + m->subject = fields[4].GetString(); + m->body = fields[5].GetString(); + bool has_items = fields[6].GetBool(); + m->expire_time = time_t(fields[7].GetUInt32()); + m->deliver_time = time_t(fields[8].GetUInt32()); + m->money = fields[9].GetUInt32(); + m->COD = fields[10].GetUInt32(); + m->checked = fields[11].GetUInt32(); + m->stationery = fields[12].GetUInt8(); m->mailTemplateId = fields[13].GetInt16(); if (m->mailTemplateId && !sMailTemplateStore.LookupEntry(m->mailTemplateId)) @@ -19351,8 +19395,10 @@ void Player::SetUInt32ValueInArray(Tokens& tokens, uint16 index, uint32 value) void Player::Customize(uint64 guid, uint8 gender, uint8 skin, uint8 face, uint8 hairStyle, uint8 hairColor, uint8 facialHair) { - // 0 - QueryResult result = CharacterDatabase.PQuery("SELECT playerBytes2 FROM characters WHERE guid = '%u'", GUID_LOPART(guid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_PLAYERBYTES2); + stmt->setUInt32(0, GUID_LOPART(guid)); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (!result) return; @@ -19362,7 +19408,7 @@ void Player::Customize(uint64 guid, uint8 gender, uint8 skin, uint8 face, uint8 playerBytes2 &= ~0xFF; playerBytes2 |= facialHair; - PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_UPD_GENDER_PLAYERBYTES); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_UPD_GENDER_PLAYERBYTES); stmt->setUInt8(0, gender); stmt->setUInt32(1, skin | (face << 8) | (hairStyle << 16) | (hairColor << 24)); @@ -20200,11 +20246,19 @@ void Player::SendProficiency(ItemClass itemClass, uint32 itemSubclassMask) void Player::RemovePetitionsAndSigns(uint64 guid, uint32 type) { - QueryResult result = QueryResult(NULL); + PreparedStatement* stmt; + if (type == 10) - result = CharacterDatabase.PQuery("SELECT ownerguid, petitionguid FROM petition_sign WHERE playerguid = '%u'", GUID_LOPART(guid)); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PETITION_SIG_BY_GUID); else - result = CharacterDatabase.PQuery("SELECT ownerguid, petitionguid FROM petition_sign WHERE playerguid = '%u' AND type = '%u'", GUID_LOPART(guid), type); + { + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PETITION_SIG_BY_GUID_TYPE); + stmt->setUInt8(0, uint8(type)); + } + + stmt->setUInt32(0, GUID_LOPART(guid)); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (result) { do // this part effectively does nothing, since the deletion / modification only takes place _after_ the PetitionQuery. Though I don't know if the result remains intact if I execute the delete query beforehand. @@ -25197,8 +25251,8 @@ void Player::SendMovementSetCanFly(bool apply) void Player::SendMovementSetCanTransitionBetweenSwimAndFly(bool apply) { - WorldPacket data(apply ? - SMSG_MOVE_SET_CAN_TRANSITION_BETWEEN_SWIM_AND_FLY : + WorldPacket data(apply ? + SMSG_MOVE_SET_CAN_TRANSITION_BETWEEN_SWIM_AND_FLY : SMSG_MOVE_UNSET_CAN_TRANSITION_BETWEEN_SWIM_AND_FLY, 12); data.append(GetPackGUID()); data << uint32(0); //! movement counter diff --git a/src/server/game/Entities/Transport/Transport.cpp b/src/server/game/Entities/Transport/Transport.cpp index 24fe75605d2..ebb524d5f64 100755 --- a/src/server/game/Entities/Transport/Transport.cpp +++ b/src/server/game/Entities/Transport/Transport.cpp @@ -129,8 +129,8 @@ void MapManager::LoadTransportNPCs() { uint32 oldMSTime = getMSTime(); - // 0 1 2 3 4 5 6 7 - QueryResult result = WorldDatabase.PQuery("SELECT guid, npc_entry, transport_entry, TransOffsetX, TransOffsetY, TransOffsetZ, TransOffsetO, emote FROM creature_transport"); + // 0 1 2 3 4 5 6 7 + QueryResult result = WorldDatabase.Query("SELECT guid, npc_entry, transport_entry, TransOffsetX, TransOffsetY, TransOffsetZ, TransOffsetO, emote FROM creature_transport"); if (!result) { diff --git a/src/server/game/Globals/ObjectMgr.cpp b/src/server/game/Globals/ObjectMgr.cpp index 01f41866c5b..b4d8d36afb0 100755 --- a/src/server/game/Globals/ObjectMgr.cpp +++ b/src/server/game/Globals/ObjectMgr.cpp @@ -1943,10 +1943,12 @@ uint64 ObjectMgr::GetPlayerGUIDByName(std::string name) const { uint64 guid = 0; - CharacterDatabase.EscapeString(name); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_GUID_BY_NAME); + + stmt->setString(0, name); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); - // Player name safe to sending to DB (checked at login) and this function using - QueryResult result = CharacterDatabase.PQuery("SELECT guid FROM characters WHERE name = '%s'", name.c_str()); if (result) guid = MAKE_NEW_GUID((*result)[0].GetUInt32(), 0, HIGHGUID_PLAYER); @@ -1962,7 +1964,11 @@ bool ObjectMgr::GetPlayerNameByGUID(uint64 guid, std::string &name) const return true; } - QueryResult result = CharacterDatabase.PQuery("SELECT name FROM characters WHERE guid = '%u'", GUID_LOPART(guid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHARACTER_NAME); + + stmt->setUInt32(0, GUID_LOPART(guid)); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); if (result) { @@ -1981,7 +1987,11 @@ uint32 ObjectMgr::GetPlayerTeamByGUID(uint64 guid) const return Player::TeamForRace(player->getRace()); } - QueryResult result = CharacterDatabase.PQuery("SELECT race FROM characters WHERE guid = '%u'", GUID_LOPART(guid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_RACE); + + stmt->setUInt32(0, GUID_LOPART(guid)); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); if (result) { @@ -2000,7 +2010,12 @@ uint32 ObjectMgr::GetPlayerAccountIdByGUID(uint64 guid) const return player->GetSession()->GetAccountId(); } - QueryResult result = CharacterDatabase.PQuery("SELECT account FROM characters WHERE guid = '%u'", GUID_LOPART(guid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_ACCOUNT_BY_GUID); + + stmt->setUInt32(0, GUID_LOPART(guid)); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (result) { uint32 acc = (*result)[0].GetUInt32(); @@ -2012,7 +2027,12 @@ uint32 ObjectMgr::GetPlayerAccountIdByGUID(uint64 guid) const uint32 ObjectMgr::GetPlayerAccountIdByPlayerName(const std::string& name) const { - QueryResult result = CharacterDatabase.PQuery("SELECT account FROM characters WHERE name = '%s'", name.c_str()); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_ACCOUNT_BY_NAME); + + stmt->setString(0, name); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (result) { uint32 acc = (*result)[0].GetUInt32(); @@ -4809,7 +4829,9 @@ void ObjectMgr::LoadWaypointScripts() for (ScriptMapMap::const_iterator itr = sWaypointScripts.begin(); itr != sWaypointScripts.end(); ++itr) actionSet.insert(itr->first); - QueryResult result = WorldDatabase.PQuery("SELECT DISTINCT(`action`) FROM waypoint_data"); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WOLRD_SEL_WAYPOINT_DATA_ACTION); + PreparedQueryResult result = WorldDatabase.Query(stmt); + if (result) { do @@ -7033,8 +7055,8 @@ void ObjectMgr::LoadQuestPOI() return; } - // 0 1 2 3 - QueryResult points = WorldDatabase.PQuery("SELECT questId, id, x, y FROM quest_poi_points ORDER BY questId DESC, idx"); + // 0 1 2 3 + QueryResult points = WorldDatabase.Query("SELECT questId, id, x, y FROM quest_poi_points ORDER BY questId DESC, idx"); std::vector<std::vector<std::vector<QuestPOIPoint> > > POIs; @@ -8189,7 +8211,10 @@ void ObjectMgr::LoadTrainerSpell() int ObjectMgr::LoadReferenceVendor(int32 vendor, int32 item, std::set<uint32> *skip_vendors) { // find all items from the reference vendor - QueryResult result = WorldDatabase.PQuery("SELECT item, maxcount, incrtime, ExtendedCost FROM npc_vendor WHERE entry='%d' ORDER BY slot ASC", item); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_NPC_VENDOR_REF); + stmt->setUInt32(0, uint32(item)); + PreparedQueryResult result = WorldDatabase.Query(stmt); + if (!result) return 0; diff --git a/src/server/game/Groups/GroupMgr.cpp b/src/server/game/Groups/GroupMgr.cpp index ae400852c73..3d901f42501 100644 --- a/src/server/game/Groups/GroupMgr.cpp +++ b/src/server/game/Groups/GroupMgr.cpp @@ -120,7 +120,7 @@ void GroupMgr::LoadGroups() CharacterDatabase.DirectExecute("DELETE FROM groups WHERE guid NOT IN (SELECT guid FROM group_member GROUP BY guid HAVING COUNT(guid) > 1)"); // 0 1 2 3 4 5 6 7 8 9 - QueryResult result = CharacterDatabase.PQuery("SELECT g.leaderGuid, g.lootMethod, g.looterGuid, g.lootThreshold, g.icon1, g.icon2, g.icon3, g.icon4, g.icon5, g.icon6" + QueryResult result = CharacterDatabase.Query("SELECT g.leaderGuid, g.lootMethod, g.looterGuid, g.lootThreshold, g.icon1, g.icon2, g.icon3, g.icon4, g.icon5, g.icon6" // 10 11 12 13 14 15 16 17 ", g.icon7, g.icon8, g.groupType, g.difficulty, g.raiddifficulty, g.guid, lfg.dungeon, lfg.state FROM groups g LEFT JOIN lfg_data lfg ON lfg.guid = g.guid ORDER BY g.guid ASC"); if (!result) diff --git a/src/server/game/Handlers/CharacterHandler.cpp b/src/server/game/Handlers/CharacterHandler.cpp index 15e05ccfbf7..b7225e89235 100644 --- a/src/server/game/Handlers/CharacterHandler.cpp +++ b/src/server/game/Handlers/CharacterHandler.cpp @@ -702,12 +702,17 @@ void WorldSession::HandleCharDeleteOpcode(WorldPacket & recv_data) return; } - QueryResult result = CharacterDatabase.PQuery("SELECT account, name FROM characters WHERE guid='%u'", GUID_LOPART(guid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_ACCOUNT_NAME_BY_GUID); + + stmt->setUInt32(0, GUID_LOPART(guid)); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (result) { Field* fields = result->Fetch(); - accountId = fields[0].GetUInt32(); - name = fields[1].GetString(); + accountId = fields[0].GetUInt32(); + name = fields[1].GetString(); } // prevent deleting other players' characters using cheating tools @@ -1363,7 +1368,12 @@ void WorldSession::HandleCharCustomize(WorldPacket& recv_data) uint8 gender, skin, face, hairStyle, hairColor, facialHair; recv_data >> gender >> skin >> hairColor >> hairStyle >> facialHair >> face; - QueryResult result = CharacterDatabase.PQuery("SELECT at_login FROM characters WHERE guid ='%u'", GUID_LOPART(guid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHARACTER_AT_LOGIN); + + stmt->setUInt32(0, GUID_LOPART(guid)); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (!result) { WorldPacket data(SMSG_CHAR_CUSTOMIZE, 1); @@ -1422,15 +1432,18 @@ void WorldSession::HandleCharCustomize(WorldPacket& recv_data) } } - if (QueryResult oldNameResult = CharacterDatabase.PQuery("SELECT name FROM characters WHERE guid ='%u'", GUID_LOPART(guid))) + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHARACTER_NAME); + stmt->setUInt32(0, GUID_LOPART(guid)); + result = CharacterDatabase.Query(stmt); + + if (result) { - std::string oldname = oldNameResult->Fetch()[0].GetString(); - std::string IP_str = GetRemoteAddress(); - sLog->outChar("Account: %d (IP: %s), Character[%s] (guid:%u) Customized to: %s", GetAccountId(), IP_str.c_str(), oldname.c_str(), GUID_LOPART(guid), newName.c_str()); + std::string oldname = result->Fetch()[0].GetString(); + sLog->outChar("Account: %d (IP: %s), Character[%s] (guid:%u) Customized to: %s", GetAccountId(), GetRemoteAddress().c_str(), oldname.c_str(), GUID_LOPART(guid), newName.c_str()); } Player::Customize(guid, gender, skin, face, hairStyle, hairColor, facialHair); - PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_UPD_CHAR_NAME_AT_LOGIN); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_UPD_CHAR_NAME_AT_LOGIN); stmt->setString(0, newName); stmt->setUInt16(1, uint16(AT_LOGIN_CUSTOMIZE)); @@ -1575,7 +1588,13 @@ void WorldSession::HandleCharFactionOrRaceChange(WorldPacket& recv_data) recv_data >> gender >> skin >> hairColor >> hairStyle >> facialHair >> face >> race; uint32 lowGuid = GUID_LOPART(guid); - QueryResult result = CharacterDatabase.PQuery("SELECT class, level, at_login FROM characters WHERE guid ='%u'", lowGuid); + + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_CLASS_LVL_AT_LOGIN); + + stmt->setUInt32(0, lowGuid); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (!result) { WorldPacket data(SMSG_CHAR_FACTION_CHANGE, 1); @@ -1811,8 +1830,13 @@ void WorldSession::HandleCharFactionOrRaceChange(WorldPacket& recv_data) if (!sWorld->getBoolConfig(CONFIG_ALLOW_TWO_SIDE_INTERACTION_GUILD)) { // Reset guild - if (QueryResult result2 = CharacterDatabase.PQuery("SELECT guildid FROM `guild_member` WHERE guid ='%u'", lowGuid)) - if (Guild* guild = sGuildMgr->GetGuildById((result2->Fetch()[0]).GetUInt32())) + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_GUILD_MEMBER); + + stmt->setUInt32(0, lowGuid); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (result) + if (Guild* guild = sGuildMgr->GetGuildById((result->Fetch()[0]).GetUInt32())) guild->DeleteMember(MAKE_NEW_GUID(lowGuid, 0, HIGHGUID_PLAYER)); } diff --git a/src/server/game/Handlers/MailHandler.cpp b/src/server/game/Handlers/MailHandler.cpp index a8522bb2582..117824bfb62 100755 --- a/src/server/game/Handlers/MailHandler.cpp +++ b/src/server/game/Handlers/MailHandler.cpp @@ -128,12 +128,26 @@ void WorldSession::HandleSendMail(WorldPacket & recv_data) else { rc_team = sObjectMgr->GetPlayerTeamByGUID(rc); - if (QueryResult result = CharacterDatabase.PQuery("SELECT COUNT(*) FROM mail WHERE receiver = '%u'", GUID_LOPART(rc))) + + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_MAIL_COUNT); + + stmt->setUInt32(0, GUID_LOPART(rc)); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); + + if (result) { Field* fields = result->Fetch(); mails_count = fields[0].GetUInt32(); } - if (QueryResult result = CharacterDatabase.PQuery("SELECT level FROM characters WHERE guid = '%u'", GUID_LOPART(rc))) + + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_LEVEL); + + stmt->setUInt32(0, GUID_LOPART(rc)); + + result = CharacterDatabase.Query(stmt); + + if (result) { Field* fields = result->Fetch(); receiveLevel = fields[0].GetUInt8(); diff --git a/src/server/game/Handlers/MiscHandler.cpp b/src/server/game/Handlers/MiscHandler.cpp index 17f96a0fcda..35872f8c63f 100755 --- a/src/server/game/Handlers/MiscHandler.cpp +++ b/src/server/game/Handlers/MiscHandler.cpp @@ -1303,7 +1303,12 @@ void WorldSession::HandleWhoisOpcode(WorldPacket& recv_data) uint32 accid = player->GetSession()->GetAccountId(); - QueryResult result = LoginDatabase.PQuery("SELECT username, email, last_ip FROM account WHERE id=%u", accid); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_WHOIS); + + stmt->setUInt32(0, accid); + + PreparedQueryResult result = LoginDatabase.Query(stmt); + if (!result) { SendNotification(LANG_ACCOUNT_FOR_PLAYER_NOT_FOUND, charname.c_str()); diff --git a/src/server/game/Handlers/PetitionsHandler.cpp b/src/server/game/Handlers/PetitionsHandler.cpp index 38d17d8c3b6..e072004c48c 100755 --- a/src/server/game/Handlers/PetitionsHandler.cpp +++ b/src/server/game/Handlers/PetitionsHandler.cpp @@ -215,7 +215,10 @@ void WorldSession::HandlePetitionBuyOpcode(WorldPacket & recv_data) // a petition is invalid, if both the owner and the type matches // we checked above, if this player is in an arenateam, so this must be // datacorruption - QueryResult result = CharacterDatabase.PQuery("SELECT petitionguid FROM petition WHERE ownerguid = '%u' AND type = '%u'", _player->GetGUIDLow(), type); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PETITION_BY_OWNER); + stmt->setUInt32(0, _player->GetGUIDLow()); + stmt->setUInt8(1, type); + PreparedQueryResult result = CharacterDatabase.Query(stmt); std::ostringstream ssInvalidPetitionGUIDs; @@ -250,9 +253,14 @@ void WorldSession::HandlePetitionShowSignOpcode(WorldPacket& recv_data) recv_data >> petitionguid; // petition guid // solve (possible) some strange compile problems with explicit use GUID_LOPART(petitionguid) at some GCC versions (wrong code optimization in compiler?) - uint32 petitionguid_low = GUID_LOPART(petitionguid); + uint32 petitionGuidLow = GUID_LOPART(petitionguid); + + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PETITION_TYPE); + + stmt->setUInt32(0, petitionGuidLow); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); - QueryResult result = CharacterDatabase.PQuery("SELECT type FROM petition WHERE petitionguid = '%u'", petitionguid_low); if (!result) { sLog->outDebug(LOG_FILTER_PLAYER_ITEMS, "Petition %u is not found for player %u %s", GUID_LOPART(petitionguid), GetPlayer()->GetGUIDLow(), GetPlayer()->GetName()); @@ -265,18 +273,22 @@ void WorldSession::HandlePetitionShowSignOpcode(WorldPacket& recv_data) if (type == GUILD_CHARTER_TYPE && _player->GetGuildId()) return; - result = CharacterDatabase.PQuery("SELECT playerguid FROM petition_sign WHERE petitionguid = '%u'", petitionguid_low); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PETITION_SIGNATURE); + + stmt->setUInt32(0, petitionGuidLow); + + result = CharacterDatabase.Query(stmt); // result == NULL also correct in case no sign yet if (result) signs = uint8(result->GetRowCount()); - sLog->outDebug(LOG_FILTER_NETWORKIO, "CMSG_PETITION_SHOW_SIGNATURES petition entry: '%u'", petitionguid_low); + sLog->outDebug(LOG_FILTER_NETWORKIO, "CMSG_PETITION_SHOW_SIGNATURES petition entry: '%u'", petitionGuidLow); WorldPacket data(SMSG_PETITION_SHOW_SIGNATURES, (8+8+4+1+signs*12)); data << uint64(petitionguid); // petition guid data << uint64(_player->GetGUID()); // owner guid - data << uint32(petitionguid_low); // guild guid + data << uint32(petitionGuidLow); // guild guid data << uint8(signs); // sign's count for (uint8 i = 1; i <= signs; ++i) @@ -311,9 +323,11 @@ void WorldSession::SendPetitionQueryOpcode(uint64 petitionguid) uint32 type; std::string name = "NO_NAME_FOR_GUID"; - // TODO: Use CHAR_LOAD_PETITION PS - QueryResult result = CharacterDatabase.PQuery("SELECT ownerguid, name, type " - "FROM petition WHERE petitionguid = '%u'", GUID_LOPART(petitionguid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PETITION); + + stmt->setUInt32(0, GUID_LOPART(petitionguid)); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); if (result) { @@ -382,7 +396,11 @@ void WorldSession::HandlePetitionRenameOpcode(WorldPacket & recv_data) if (!item) return; - QueryResult result = CharacterDatabase.PQuery("SELECT type FROM petition WHERE petitionguid = '%u'", GUID_LOPART(petitionGuid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PETITION_TYPE); + + stmt->setUInt32(0, GUID_LOPART(petitionGuid)); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); if (result) { @@ -422,7 +440,7 @@ void WorldSession::HandlePetitionRenameOpcode(WorldPacket & recv_data) } } - PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_UPD_PETITION_NAME); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_UPD_PETITION_NAME); stmt->setString(0, newName); stmt->setUInt32(1, GUID_LOPART(petitionGuid)); @@ -446,11 +464,12 @@ void WorldSession::HandlePetitionSignOpcode(WorldPacket & recv_data) recv_data >> petitionGuid; // petition guid recv_data >> unk; - QueryResult result = CharacterDatabase.PQuery( - "SELECT ownerguid, " - " (SELECT COUNT(playerguid) FROM petition_sign WHERE petition_sign.petitionguid = '%u') AS signs, " - " type " - "FROM petition WHERE petitionguid = '%u'", GUID_LOPART(petitionGuid), GUID_LOPART(petitionGuid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PETITION_SIGNATURES); + + stmt->setUInt32(0, GUID_LOPART(petitionGuid)); + stmt->setUInt32(1, GUID_LOPART(petitionGuid)); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); if (!result) { @@ -518,9 +537,14 @@ void WorldSession::HandlePetitionSignOpcode(WorldPacket & recv_data) if (++signs > type) // client signs maximum return; - //client doesn't allow to sign petition two times by one character, but not check sign by another character from same account - //not allow sign another player from already sign player account - result = CharacterDatabase.PQuery("SELECT playerguid FROM petition_sign WHERE player_account = '%u' AND petitionguid = '%u'", GetAccountId(), GUID_LOPART(petitionGuid)); + // Client doesn't allow to sign petition two times by one character, but not check sign by another character from same account + // not allow sign another player from already sign player account + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PETITION_SIG_BY_ACCOUNT); + + stmt->setUInt32(0, GetAccountId()); + stmt->setUInt32(1, GUID_LOPART(petitionGuid)); + + result = CharacterDatabase.Query(stmt); if (result) { @@ -538,7 +562,7 @@ void WorldSession::HandlePetitionSignOpcode(WorldPacket & recv_data) return; } - PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_INS_PETITION_SIGNATURE); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_INS_PETITION_SIGNATURE); stmt->setUInt32(0, GUID_LOPART(ownerGuid)); stmt->setUInt32(1, GUID_LOPART(petitionGuid)); @@ -576,7 +600,12 @@ void WorldSession::HandlePetitionDeclineOpcode(WorldPacket & recv_data) recv_data >> petitionguid; // petition guid sLog->outDebug(LOG_FILTER_NETWORKIO, "Petition %u declined by %u", GUID_LOPART(petitionguid), _player->GetGUIDLow()); - QueryResult result = CharacterDatabase.PQuery("SELECT ownerguid FROM petition WHERE petitionguid = '%u'", GUID_LOPART(petitionguid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PETITION_OWNER_BY_GUID); + + stmt->setUInt32(0, GUID_LOPART(petitionguid)); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (!result) return; @@ -608,7 +637,12 @@ void WorldSession::HandleOfferPetitionOpcode(WorldPacket & recv_data) if (!player) return; - QueryResult result = CharacterDatabase.PQuery("SELECT type FROM petition WHERE petitionguid = '%u'", GUID_LOPART(petitionguid)); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PETITION_TYPE); + + stmt->setUInt32(0, GUID_LOPART(petitionguid)); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (!result) return; @@ -667,7 +701,13 @@ void WorldSession::HandleOfferPetitionOpcode(WorldPacket & recv_data) } } - result = CharacterDatabase.PQuery("SELECT playerguid FROM petition_sign WHERE petitionguid = '%u'", GUID_LOPART(petitionguid)); + + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PETITION_SIGNATURE); + + stmt->setUInt32(0, GUID_LOPART(petitionguid)); + + result = CharacterDatabase.Query(stmt); + // result == NULL also correct charter without signs if (result) signs = uint8(result->GetRowCount()); diff --git a/src/server/game/Handlers/SpellHandler.cpp b/src/server/game/Handlers/SpellHandler.cpp index 9ea0e124112..36986075b4e 100755 --- a/src/server/game/Handlers/SpellHandler.cpp +++ b/src/server/game/Handlers/SpellHandler.cpp @@ -241,7 +241,12 @@ void WorldSession::HandleOpenItemOpcode(WorldPacket& recvPacket) if (item->HasFlag(ITEM_FIELD_FLAGS, ITEM_FLAG_WRAPPED))// wrapped? { - QueryResult result = CharacterDatabase.PQuery("SELECT entry, flags FROM character_gifts WHERE item_guid = '%u'", item->GetGUIDLow()); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHARACTER_GIFT_BY_ITEM); + + stmt->setUInt32(0, item->GetGUIDLow()); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (result) { Field* fields = result->Fetch(); @@ -260,7 +265,7 @@ void WorldSession::HandleOpenItemOpcode(WorldPacket& recvPacket) return; } - PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_DEL_GIFT); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_DEL_GIFT); stmt->setUInt32(0, item->GetGUIDLow()); diff --git a/src/server/game/Maps/Map.cpp b/src/server/game/Maps/Map.cpp index 91ebea9f321..86d95857cce 100755 --- a/src/server/game/Maps/Map.cpp +++ b/src/server/game/Maps/Map.cpp @@ -2527,7 +2527,11 @@ void InstanceMap::CreateInstanceData(bool load) if (load) { // TODO: make a global storage for this - QueryResult result = CharacterDatabase.PQuery("SELECT data, completedEncounters FROM instance WHERE map = '%u' AND id = '%u'", GetId(), i_InstanceId); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_INSTANCE); + stmt->setUInt16(0, uint16(GetId())); + stmt->setUInt32(1, i_InstanceId); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (result) { Field* fields = result->Fetch(); diff --git a/src/server/game/Movement/Waypoints/WaypointManager.cpp b/src/server/game/Movement/Waypoints/WaypointManager.cpp index b957674151b..2c3a58f55a3 100755 --- a/src/server/game/Movement/Waypoints/WaypointManager.cpp +++ b/src/server/game/Movement/Waypoints/WaypointManager.cpp @@ -100,7 +100,12 @@ void WaypointMgr::ReloadPath(uint32 id) _waypointStore.erase(itr); } - QueryResult result = WorldDatabase.PQuery("SELECT point, position_x, position_y, position_z, orientation, move_flag, delay, action, action_chance FROM waypoint_data WHERE id = %u ORDER BY point", id); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_DATA_BY_ID); + + stmt->setUInt32(0, id); + + PreparedQueryResult result = WorldDatabase.Query(stmt); + if (!result) return; diff --git a/src/server/game/Pools/PoolMgr.cpp b/src/server/game/Pools/PoolMgr.cpp index 05ce7a0a50d..71204f92826 100755 --- a/src/server/game/Pools/PoolMgr.cpp +++ b/src/server/game/Pools/PoolMgr.cpp @@ -440,7 +440,12 @@ void PoolGroup<Quest>::SpawnObject(ActivePoolData& spawns, uint32 limit, uint32 // load state from db if (!triggerFrom) { - QueryResult result = CharacterDatabase.PQuery("SELECT quest_id FROM pool_quest_save WHERE pool_id = %u", poolId); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_POOL_QUEST_SAVE); + + stmt->setUInt32(0, poolId); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (result) { do diff --git a/src/server/game/Server/WorldSocket.cpp b/src/server/game/Server/WorldSocket.cpp index 2c6098fb23f..40b4a0bad4f 100755 --- a/src/server/game/Server/WorldSocket.cpp +++ b/src/server/game/Server/WorldSocket.cpp @@ -812,13 +812,11 @@ int WorldSocket::HandleAuthSession (WorldPacket& recvPacket) clientSeed); // Get the account information from the realmd database - std::string safe_account = account; // Duplicate, else will screw the SHA hash verification below - LoginDatabase.EscapeString (safe_account); - // No SQL injection, username escaped. + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_INFO_BY_NAME); - // 0 1 2 3 4 5 6 7 8 9 10 - QueryResult result = LoginDatabase.PQuery ("SELECT id, sessionkey, last_ip, locked, v, s, expansion, mutetime, locale, recruiter, os FROM account " - "WHERE username = '%s'", safe_account.c_str()); + stmt->setString(0, account); + + PreparedQueryResult result = LoginDatabase.Query(stmt); // Stop if the account is not found if (!result) @@ -899,29 +897,28 @@ int WorldSocket::HandleAuthSession (WorldPacket& recvPacket) std::string os = fields[10].GetString(); // Checks gmlevel per Realm - result = - LoginDatabase.PQuery ("SELECT " - "RealmID, " //0 - "gmlevel " //1 - "FROM account_access " - "WHERE id = '%d'" - " AND (RealmID = '%d'" - " OR RealmID = '-1')", - id, realmID); + stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_GMLEVEL_BY_REALMID); + + stmt->setUInt32(0, id); + stmt->setInt32(1, int32(realmID)); + + result = LoginDatabase.Query(stmt); + if (!result) security = 0; else { fields = result->Fetch(); - security = fields[1].GetInt32(); + security = fields[0].GetInt32(); } // Re-check account ban (same check as in realmd) - QueryResult banresult = - LoginDatabase.PQuery ("SELECT 1 FROM account_banned WHERE id = %u AND active = 1 " - "UNION " - "SELECT 1 FROM ip_banned WHERE ip = '%s'", - id, GetRemoteAddress().c_str()); + stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_BANS); + + stmt->setUInt32(0, id); + stmt->setString(1, GetRemoteAddress()); + + PreparedQueryResult banresult = LoginDatabase.Query(stmt); if (banresult) // if account banned { @@ -976,7 +973,11 @@ int WorldSocket::HandleAuthSession (WorldPacket& recvPacket) address.c_str()); // Check if this user is by any chance a recruiter - result = LoginDatabase.PQuery ("SELECT 1 FROM account WHERE recruiter = %u", id); + stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_RECRUITER); + + stmt->setUInt32(0, id); + + result = LoginDatabase.Query(stmt); bool isRecruiter = false; if (result) @@ -984,7 +985,7 @@ int WorldSocket::HandleAuthSession (WorldPacket& recvPacket) // Update the last_ip in the database - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LAST_IP); + stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LAST_IP); stmt->setString(0, address); stmt->setString(1, account); diff --git a/src/server/game/Tools/PlayerDump.cpp b/src/server/game/Tools/PlayerDump.cpp index 900fcf7392a..8d5d16d22b9 100644 --- a/src/server/game/Tools/PlayerDump.cpp +++ b/src/server/game/Tools/PlayerDump.cpp @@ -406,7 +406,10 @@ DumpReturn PlayerDumpReader::LoadDump(const std::string& file, uint32 account, s bool incHighest = true; if (guid != 0 && guid < sObjectMgr->_hiCharGuid) { - result = CharacterDatabase.PQuery("SELECT 1 FROM characters WHERE guid = '%d'", guid); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHECK_GUID); + stmt->setUInt32(0, guid); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (result) guid = sObjectMgr->_hiCharGuid; // use first free if exists else incHighest = false; @@ -420,8 +423,10 @@ DumpReturn PlayerDumpReader::LoadDump(const std::string& file, uint32 account, s if (ObjectMgr::CheckPlayerName(name, true) == CHAR_NAME_SUCCESS) { - CharacterDatabase.EscapeString(name); // for safe, we use name only for sql quearies anyway - result = CharacterDatabase.PQuery("SELECT 1 FROM characters WHERE name = '%s'", name.c_str()); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHECK_NAME); + stmt->setString(0, name); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (result) name = ""; // use the one from the dump } @@ -524,9 +529,11 @@ DumpReturn PlayerDumpReader::LoadDump(const std::string& file, uint32 account, s { // check if the original name already exists name = getnth(line, 3); - CharacterDatabase.EscapeString(name); - result = CharacterDatabase.PQuery("SELECT 1 FROM characters WHERE name = '%s'", name.c_str()); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHECK_NAME); + stmt->setString(0, name); + PreparedQueryResult result = CharacterDatabase.Query(stmt); + if (result) if (!changenth(line, 37, "1")) // characters.at_login set to "rename on login" ROLLBACK(DUMP_FILE_BROKEN); diff --git a/src/server/game/World/World.cpp b/src/server/game/World/World.cpp index af0c83a7a1b..13f2f1b44b8 100755 --- a/src/server/game/World/World.cpp +++ b/src/server/game/World/World.cpp @@ -2334,7 +2334,7 @@ BanReturn World::BanAccount(BanMode mode, std::string nameOrIP, std::string dura do { Field* fieldsAccount = resultAccounts->Fetch(); - uint32 account = fieldsAccount->GetUInt32(); + uint32 account = fieldsAccount[0].GetUInt32(); if (mode != BAN_IP) { @@ -2770,7 +2770,10 @@ void World::ResetDailyQuests() void World::LoadDBAllowedSecurityLevel() { - QueryResult result = LoginDatabase.PQuery("SELECT allowedSecurityLevel from realmlist WHERE id = '%d'", realmID); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_REALMLIST_SECURITY_LEVEL); + stmt->setInt32(0, int32(realmID)); + PreparedQueryResult result = LoginDatabase.Query(stmt); + if (result) SetPlayerSecurityLimit(AccountTypes(result->Fetch()->GetUInt16())); } diff --git a/src/server/scripts/Commands/cs_account.cpp b/src/server/scripts/Commands/cs_account.cpp index 86818e2c931..09c5c6c6007 100644 --- a/src/server/scripts/Commands/cs_account.cpp +++ b/src/server/scripts/Commands/cs_account.cpp @@ -194,8 +194,11 @@ public: static bool HandleAccountOnlineListCommand(ChatHandler* handler, char const* /*args*/) { ///- Get the list of accounts ID logged to the realm - QueryResult resultDB = CharacterDatabase.Query("SELECT name, account, map, zone FROM characters WHERE online > 0"); - if (!resultDB) + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHARACTER_ONLINE); + + PreparedQueryResult result = CharacterDatabase.Query(stmt); + + if (!result) { handler->SendSysMessage(LANG_ACCOUNT_LIST_EMPTY); return true; @@ -209,18 +212,15 @@ public: ///- Cycle through accounts do { - Field* fieldsDB = resultDB->Fetch(); + Field* fieldsDB = result->Fetch(); std::string name = fieldsDB[0].GetString(); uint32 account = fieldsDB[1].GetUInt32(); ///- Get the username, last IP and GM level of each account // No SQL injection. account is uint32. - QueryResult resultLogin = - LoginDatabase.PQuery("SELECT a.username, a.last_ip, aa.gmlevel, a.expansion " - "FROM account a " - "LEFT JOIN account_access aa " - "ON (a.id = aa.id) " - "WHERE a.id = '%u'", account); + stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_INFO); + stmt->setUInt32(0, account); + PreparedQueryResult resultLogin = LoginDatabase.Query(stmt); if (resultLogin) { @@ -233,7 +233,7 @@ public: else handler->PSendSysMessage(LANG_ACCOUNT_LIST_ERROR, name.c_str()); - } while (resultDB->NextRow()); + } while (result->NextRow()); handler->SendSysMessage(LANG_ACCOUNT_LIST_BAR); return true; @@ -469,7 +469,13 @@ public: // Check and abort if the target gm has a higher rank on one of the realms and the new realm is -1 if (gmRealmID == -1 && !AccountMgr::IsConsoleAccount(playerSecurity)) { - QueryResult result = LoginDatabase.PQuery("SELECT * FROM account_access WHERE id = '%u' AND gmlevel > '%d'", targetAccountId, gm); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_ACCESS_GMLEVEL_TEST); + + stmt->setUInt32(0, targetAccountId); + stmt->setUInt8(1, uint8(gm)); + + PreparedQueryResult result = LoginDatabase.Query(stmt); + if (result) { handler->SendSysMessage(LANG_YOURS_SECURITY_IS_LOW); diff --git a/src/server/scripts/Commands/cs_gm.cpp b/src/server/scripts/Commands/cs_gm.cpp index 9b9d1cfd146..d449b3617f7 100644 --- a/src/server/scripts/Commands/cs_gm.cpp +++ b/src/server/scripts/Commands/cs_gm.cpp @@ -156,7 +156,11 @@ public: static bool HandleGMListFullCommand(ChatHandler* handler, char const* /*args*/) { ///- Get the accounts with GM Level >0 - QueryResult result = LoginDatabase.PQuery("SELECT a.username, aa.gmlevel FROM account a, account_access aa WHERE a.id=aa.id AND aa.gmlevel >= %u AND (aa.realmid = -1 OR aa.realmid = %u)", SEC_MODERATOR, realmID); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_GM_ACCOUNTS); + stmt->setUInt8(0, uint8(SEC_MODERATOR)); + stmt->setInt32(1, int32(realmID)); + PreparedQueryResult result = LoginDatabase.Query(stmt); + if (result) { handler->SendSysMessage(LANG_GMLIST); diff --git a/src/server/scripts/Commands/cs_gobject.cpp b/src/server/scripts/Commands/cs_gobject.cpp index 74b8272201b..232aad9f21c 100644 --- a/src/server/scripts/Commands/cs_gobject.cpp +++ b/src/server/scripts/Commands/cs_gobject.cpp @@ -535,11 +535,17 @@ public: uint32 count = 0; Player* player = handler->GetSession()->GetPlayer(); - QueryResult result = WorldDatabase.PQuery("SELECT guid, id, position_x, position_y, position_z, map, " - "(POW(position_x - '%f', 2) + POW(position_y - '%f', 2) + POW(position_z - '%f', 2)) AS order_ " - "FROM gameobject WHERE map='%u' AND (POW(position_x - '%f', 2) + POW(position_y - '%f', 2) + POW(position_z - '%f', 2)) <= '%f' ORDER BY order_", - player->GetPositionX(), player->GetPositionY(), player->GetPositionZ(), - player->GetMapId(), player->GetPositionX(), player->GetPositionY(), player->GetPositionZ(), distance * distance); + + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_GAMEOBJECT_NEAREST); + stmt->setFloat(0, player->GetPositionX()); + stmt->setFloat(1, player->GetPositionY()); + stmt->setFloat(2, player->GetPositionZ()); + stmt->setUInt32(3, player->GetMapId()); + stmt->setFloat(4, player->GetPositionX()); + stmt->setFloat(5, player->GetPositionY()); + stmt->setFloat(6, player->GetPositionZ()); + stmt->setFloat(7, distance * distance); + PreparedQueryResult result = WorldDatabase.Query(stmt); if (result) { diff --git a/src/server/scripts/Commands/cs_reload.cpp b/src/server/scripts/Commands/cs_reload.cpp index 1520a944f6e..5f192ffceee 100644 --- a/src/server/scripts/Commands/cs_reload.cpp +++ b/src/server/scripts/Commands/cs_reload.cpp @@ -413,7 +413,11 @@ public: for (Tokens::const_iterator itr = entries.begin(); itr != entries.end(); ++itr) { uint32 entry = uint32(atoi(*itr)); - QueryResult result = WorldDatabase.PQuery("SELECT difficulty_entry_1, difficulty_entry_2, difficulty_entry_3, KillCredit1, KillCredit2, modelid1, modelid2, modelid3, modelid4, name, subname, IconName, gossip_menu_id, minlevel, maxlevel, exp, faction_A, faction_H, npcflag, speed_walk, speed_run, scale, rank, mindmg, maxdmg, dmgschool, attackpower, dmg_multiplier, baseattacktime, rangeattacktime, unit_class, unit_flags, dynamicflags, family, trainer_type, trainer_spell, trainer_class, trainer_race, minrangedmg, maxrangedmg, rangedattackpower, type, type_flags, lootid, pickpocketloot, skinloot, resistance1, resistance2, resistance3, resistance4, resistance5, resistance6, spell1, spell2, spell3, spell4, spell5, spell6, spell7, spell8, PetSpellDataId, VehicleId, mingold, maxgold, AIName, MovementType, InhabitType, HoverHeight, Health_mod, Mana_mod, Armor_mod, RacialLeader, questItem1, questItem2, questItem3, questItem4, questItem5, questItem6, movementId, RegenHealth, equipment_id, mechanic_immune_mask, flags_extra, ScriptName FROM creature_template WHERE entry = %u", entry); + + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_CREATURE_TEMPLATE); + stmt->setUInt32(0, entry); + PreparedQueryResult result = WorldDatabase.Query(stmt); + if (!result) { handler->PSendSysMessage(LANG_COMMAND_CREATURETEMPLATE_NOTFOUND, entry); @@ -434,87 +438,87 @@ public: const_cast<CreatureTemplate*>(cInfo)->DifficultyEntry[0] = fields[0].GetUInt32(); const_cast<CreatureTemplate*>(cInfo)->DifficultyEntry[1] = fields[1].GetUInt32(); const_cast<CreatureTemplate*>(cInfo)->DifficultyEntry[2] = fields[2].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->KillCredit[0] = fields[3].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->KillCredit[1] = fields[4].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->Modelid1 = fields[5].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->Modelid2 = fields[6].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->Modelid3 = fields[7].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->Modelid4 = fields[8].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->Name = fields[9].GetString(); - const_cast<CreatureTemplate*>(cInfo)->SubName = fields[10].GetString(); - const_cast<CreatureTemplate*>(cInfo)->IconName = fields[11].GetString(); - const_cast<CreatureTemplate*>(cInfo)->GossipMenuId = fields[12].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->minlevel = fields[13].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->maxlevel = fields[14].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->expansion = fields[15].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->faction_A = fields[16].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->faction_H = fields[17].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->npcflag = fields[18].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->speed_walk = fields[19].GetFloat(); - const_cast<CreatureTemplate*>(cInfo)->speed_run = fields[20].GetFloat(); - const_cast<CreatureTemplate*>(cInfo)->scale = fields[21].GetFloat(); - const_cast<CreatureTemplate*>(cInfo)->rank = fields[22].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->mindmg = fields[23].GetFloat(); - const_cast<CreatureTemplate*>(cInfo)->maxdmg = fields[24].GetFloat(); - const_cast<CreatureTemplate*>(cInfo)->dmgschool = fields[25].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->attackpower = fields[26].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->dmg_multiplier = fields[27].GetFloat(); - const_cast<CreatureTemplate*>(cInfo)->baseattacktime = fields[28].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->rangeattacktime = fields[29].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->unit_class = fields[30].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->unit_flags = fields[31].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->dynamicflags = fields[32].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->family = fields[33].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->trainer_type = fields[34].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->trainer_spell = fields[35].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->trainer_class = fields[36].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->trainer_race = fields[37].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->minrangedmg = fields[38].GetFloat(); - const_cast<CreatureTemplate*>(cInfo)->maxrangedmg = fields[39].GetFloat(); - const_cast<CreatureTemplate*>(cInfo)->rangedattackpower = fields[40].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->type = fields[41].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->type_flags = fields[42].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->lootid = fields[43].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->pickpocketLootId = fields[44].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->SkinLootId = fields[45].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->KillCredit[0] = fields[3].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->KillCredit[1] = fields[4].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->Modelid1 = fields[5].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->Modelid2 = fields[6].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->Modelid3 = fields[7].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->Modelid4 = fields[8].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->Name = fields[9].GetString(); + const_cast<CreatureTemplate*>(cInfo)->SubName = fields[10].GetString(); + const_cast<CreatureTemplate*>(cInfo)->IconName = fields[11].GetString(); + const_cast<CreatureTemplate*>(cInfo)->GossipMenuId = fields[12].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->minlevel = fields[13].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->maxlevel = fields[14].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->expansion = fields[15].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->faction_A = fields[16].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->faction_H = fields[17].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->npcflag = fields[18].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->speed_walk = fields[19].GetFloat(); + const_cast<CreatureTemplate*>(cInfo)->speed_run = fields[20].GetFloat(); + const_cast<CreatureTemplate*>(cInfo)->scale = fields[21].GetFloat(); + const_cast<CreatureTemplate*>(cInfo)->rank = fields[22].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->mindmg = fields[23].GetFloat(); + const_cast<CreatureTemplate*>(cInfo)->maxdmg = fields[24].GetFloat(); + const_cast<CreatureTemplate*>(cInfo)->dmgschool = fields[25].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->attackpower = fields[26].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->dmg_multiplier = fields[27].GetFloat(); + const_cast<CreatureTemplate*>(cInfo)->baseattacktime = fields[28].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->rangeattacktime = fields[29].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->unit_class = fields[30].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->unit_flags = fields[31].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->dynamicflags = fields[32].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->family = fields[33].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->trainer_type = fields[34].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->trainer_spell = fields[35].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->trainer_class = fields[36].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->trainer_race = fields[37].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->minrangedmg = fields[38].GetFloat(); + const_cast<CreatureTemplate*>(cInfo)->maxrangedmg = fields[39].GetFloat(); + const_cast<CreatureTemplate*>(cInfo)->rangedattackpower = fields[40].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->type = fields[41].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->type_flags = fields[42].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->lootid = fields[43].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->pickpocketLootId = fields[44].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->SkinLootId = fields[45].GetUInt32(); for (uint8 i = SPELL_SCHOOL_HOLY; i < MAX_SPELL_SCHOOL; ++i) { const_cast<CreatureTemplate*>(cInfo)->resistance[i] = fields[46 + i -1].GetUInt32(); } - const_cast<CreatureTemplate*>(cInfo)->spells[0] = fields[52].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->spells[1] = fields[53].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->spells[2] = fields[54].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->spells[3] = fields[55].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->spells[4] = fields[56].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->spells[5] = fields[57].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->spells[6] = fields[58].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->spells[7] = fields[59].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->PetSpellDataId = fields[60].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->VehicleId = fields[61].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->mingold = fields[62].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->maxgold = fields[63].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->AIName = fields[64].GetString(); - const_cast<CreatureTemplate*>(cInfo)->MovementType = fields[65].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->InhabitType = fields[66].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->HoverHeight = fields[67].GetFloat(); - const_cast<CreatureTemplate*>(cInfo)->ModHealth = fields[68].GetFloat(); - const_cast<CreatureTemplate*>(cInfo)->ModMana = fields[69].GetFloat(); - const_cast<CreatureTemplate*>(cInfo)->ModArmor = fields[70].GetFloat(); - const_cast<CreatureTemplate*>(cInfo)->RacialLeader = fields[71].GetBool(); - const_cast<CreatureTemplate*>(cInfo)->questItems[0] = fields[72].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->questItems[1] = fields[73].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->questItems[2] = fields[74].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->questItems[3] = fields[75].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->questItems[4] = fields[76].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->questItems[5] = fields[77].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->movementId = fields[78].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->RegenHealth = fields[79].GetBool(); - const_cast<CreatureTemplate*>(cInfo)->equipmentId = fields[80].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->spells[0] = fields[52].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->spells[1] = fields[53].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->spells[2] = fields[54].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->spells[3] = fields[55].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->spells[4] = fields[56].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->spells[5] = fields[57].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->spells[6] = fields[58].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->spells[7] = fields[59].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->PetSpellDataId = fields[60].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->VehicleId = fields[61].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->mingold = fields[62].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->maxgold = fields[63].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->AIName = fields[64].GetString(); + const_cast<CreatureTemplate*>(cInfo)->MovementType = fields[65].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->InhabitType = fields[66].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->HoverHeight = fields[67].GetFloat(); + const_cast<CreatureTemplate*>(cInfo)->ModHealth = fields[68].GetFloat(); + const_cast<CreatureTemplate*>(cInfo)->ModMana = fields[69].GetFloat(); + const_cast<CreatureTemplate*>(cInfo)->ModArmor = fields[70].GetFloat(); + const_cast<CreatureTemplate*>(cInfo)->RacialLeader = fields[71].GetBool(); + const_cast<CreatureTemplate*>(cInfo)->questItems[0] = fields[72].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->questItems[1] = fields[73].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->questItems[2] = fields[74].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->questItems[3] = fields[75].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->questItems[4] = fields[76].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->questItems[5] = fields[77].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->movementId = fields[78].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->RegenHealth = fields[79].GetBool(); + const_cast<CreatureTemplate*>(cInfo)->equipmentId = fields[80].GetUInt32(); const_cast<CreatureTemplate*>(cInfo)->MechanicImmuneMask = fields[81].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->flags_extra = fields[82].GetUInt32(); - const_cast<CreatureTemplate*>(cInfo)->ScriptID = sObjectMgr->GetScriptId(fields[83].GetCString()); + const_cast<CreatureTemplate*>(cInfo)->flags_extra = fields[82].GetUInt32(); + const_cast<CreatureTemplate*>(cInfo)->ScriptID = sObjectMgr->GetScriptId(fields[83].GetCString()); sObjectMgr->CheckCreatureTemplate(cInfo); } diff --git a/src/server/scripts/Commands/cs_tele.cpp b/src/server/scripts/Commands/cs_tele.cpp index 5054bd83f32..89646c23ea0 100644 --- a/src/server/scripts/Commands/cs_tele.cpp +++ b/src/server/scripts/Commands/cs_tele.cpp @@ -131,7 +131,10 @@ public: target->TeleportTo(target->m_homebindMapId, target->m_homebindX, target->m_homebindY, target->m_homebindZ, target->GetOrientation()); else { - QueryResult resultDB = CharacterDatabase.PQuery("SELECT mapId, zoneId, posX, posY, posZ FROM character_homebind WHERE guid = %u", target_guid); + PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_HOMEBIND); + stmt->setUInt32(0, target_guid); + PreparedQueryResult resultDB = CharacterDatabase.Query(stmt); + if (resultDB) { Field* fieldsDB = resultDB->Fetch(); diff --git a/src/server/scripts/Commands/cs_wp.cpp b/src/server/scripts/Commands/cs_wp.cpp index eb59007b40b..f29dd8a5069 100644 --- a/src/server/scripts/Commands/cs_wp.cpp +++ b/src/server/scripts/Commands/cs_wp.cpp @@ -91,7 +91,10 @@ public: pathid = target->GetWaypointPath(); else { - QueryResult result = WorldDatabase.Query("SELECT MAX(id) FROM waypoint_data"); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_DATA_MAX_ID); + + PreparedQueryResult result = WorldDatabase.Query(stmt); + uint32 maxpathid = result->Fetch()->GetInt32(); pathid = maxpathid+1; handler->PSendSysMessage("%s%s|r", "|cff00ff00", "New path started."); @@ -109,7 +112,9 @@ public: return true; } - QueryResult result = WorldDatabase.PQuery("SELECT MAX(point) FROM waypoint_data WHERE id = '%u'", pathid); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_DATA_MAX_POINT); + stmt->setUInt32(0, pathid); + PreparedQueryResult result = WorldDatabase.Query(stmt); if (result) point = (*result)[0].GetUInt32(); @@ -117,7 +122,7 @@ public: Player* player = handler->GetSession()->GetPlayer(); //Map* map = player->GetMap(); - PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_INS_WAYPOINT_DATA); + stmt = WorldDatabase.GetPreparedStatement(WORLD_INS_WAYPOINT_DATA); stmt->setUInt32(0, pathid); stmt->setUInt32(1, point + 1); @@ -173,9 +178,12 @@ public: } guidLow = target->GetDBTableGUIDLow(); - QueryResult result = WorldDatabase.PQuery("SELECT guid FROM creature_addon WHERE guid = '%u'", guidLow); - PreparedStatement* stmt; + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_CREATURE_ADDON_BY_GUID); + + stmt->setUInt32(0, guidLow); + + PreparedQueryResult result = WorldDatabase.Query(stmt); if (result) { @@ -290,7 +298,9 @@ public: if (id) { - QueryResult result = WorldDatabase.PQuery("SELECT id FROM waypoint_scripts WHERE guid = %u", id); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_SCRIPT_ID_BY_GUID); + stmt->setUInt32(0, id); + PreparedQueryResult result = WorldDatabase.Query(stmt); if (!result) { @@ -307,10 +317,13 @@ public: } else { - QueryResult result = WorldDatabase.Query("SELECT MAX(guid) FROM waypoint_scripts"); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_SCRIPTS_MAX_ID); + + PreparedQueryResult result = WorldDatabase.Query(stmt); + id = result->Fetch()->GetUInt32(); - PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_INS_WAYPOINT_SCRIPT); + stmt = WorldDatabase.GetPreparedStatement(WORLD_INS_WAYPOINT_SCRIPT); stmt->setUInt32(0, id + 1); @@ -336,7 +349,9 @@ public: float a8, a9, a10, a11; char const* a7; - QueryResult result = WorldDatabase.PQuery("SELECT guid, delay, command, datalong, datalong2, dataint, x, y, z, o FROM waypoint_scripts WHERE id = %u", id); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_SCRIPT_BY_ID); + stmt->setUInt32(0, id); + PreparedQueryResult result = WorldDatabase.Query(stmt); if (!result) { @@ -369,7 +384,11 @@ public: { id = atoi(arg_id); - QueryResult result = WorldDatabase.PQuery("SELECT guid FROM waypoint_scripts WHERE guid = %u", id); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_SCRIPT_ID_BY_GUID); + + stmt->setUInt32(0, id); + + PreparedQueryResult result = WorldDatabase.Query(stmt); if (result) { @@ -447,7 +466,9 @@ public: } else { - QueryResult result = WorldDatabase.PQuery("SELECT id FROM waypoint_scripts WHERE guid='%u'", id); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_SCRIPT_ID_BY_GUID); + stmt->setUInt32(0, id); + PreparedQueryResult result = WorldDatabase.Query(stmt); if (!result) { @@ -567,7 +588,9 @@ public: // User did select a visual waypoint? // Check the creature - QueryResult result = WorldDatabase.PQuery("SELECT id, point FROM waypoint_data WHERE wpguid = %u", wpGuid); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_DATA_BY_WPGUID); + stmt->setUInt32(0, wpGuid); + PreparedQueryResult result = WorldDatabase.Query(stmt); if (!result) { @@ -578,9 +601,17 @@ public: // Here we search for all waypoints that only differ in one from 1 thousand // (0.001) - There is no other way to compare C++ floats with mySQL floats // See also: http://dev.mysql.com/doc/refman/5.0/en/problems-with-float.html - const char* maxDIFF = "0.01"; - result = WorldDatabase.PQuery("SELECT id, point FROM waypoint_data WHERE (abs(position_x - %f) <= %s) and (abs(position_y - %f) <= %s) and (abs(position_z - %f) <= %s)", - target->GetPositionX(), maxDIFF, target->GetPositionY(), maxDIFF, target->GetPositionZ(), maxDIFF); + std::string maxDiff = "0.01"; + + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_DATA_BY_POS); + stmt->setFloat(0, target->GetPositionX()); + stmt->setString(1, maxDiff); + stmt->setFloat(2, target->GetPositionY()); + stmt->setString(3, maxDiff); + stmt->setFloat(4, target->GetPositionZ()); + stmt->setString(5, maxDiff); + PreparedQueryResult result = WorldDatabase.Query(stmt); + if (!result) { handler->PSendSysMessage(LANG_WAYPOINT_NOTFOUNDDBPROBLEM, wpGuid); @@ -765,7 +796,6 @@ public: } std::string show = show_str; - uint32 Maxpoint; //handler->PSendSysMessage("wpshow - show: %s", show); @@ -780,7 +810,11 @@ public: return false; } - QueryResult result = WorldDatabase.PQuery("SELECT id, point, delay, move_flag, action, action_chance FROM waypoint_data WHERE wpguid = %u", target->GetGUIDLow()); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_DATA_ALL_BY_WPGUID); + + stmt->setUInt32(0, target->GetGUIDLow()); + + PreparedQueryResult result = WorldDatabase.Query(stmt); if (!result) { @@ -812,7 +846,11 @@ public: if (show == "on") { - QueryResult result = WorldDatabase.PQuery("SELECT point, position_x, position_y, position_z FROM waypoint_data WHERE id = '%u'", pathid); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_DATA_POS_BY_ID); + + stmt->setUInt32(0, pathid); + + PreparedQueryResult result = WorldDatabase.Query(stmt); if (!result) { @@ -824,7 +862,11 @@ public: handler->PSendSysMessage("|cff00ff00DEBUG: wp on, PathID: |cff00ffff%u|r", pathid); // Delete all visuals for this NPC - QueryResult result2 = WorldDatabase.PQuery("SELECT wpguid FROM waypoint_data WHERE id = '%u' and wpguid <> 0", pathid); + stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_DATA_WPGUID_BY_ID); + + stmt->setUInt32(0, pathid); + + PreparedQueryResult result2 = WorldDatabase.Query(stmt); if (result2) { @@ -921,7 +963,10 @@ public: { handler->PSendSysMessage("|cff00ff00DEBUG: wp first, GUID: %u|r", pathid); - QueryResult result = WorldDatabase.PQuery("SELECT position_x, position_y, position_z FROM waypoint_data WHERE point='1' AND id = '%u'", pathid); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_DATA_POS_FIRST_BY_ID); + stmt->setUInt32(0, pathid); + PreparedQueryResult result = WorldDatabase.Query(stmt); + if (!result) { handler->PSendSysMessage(LANG_WAYPOINT_NOTFOUND, pathid); @@ -968,13 +1013,10 @@ public: { handler->PSendSysMessage("|cff00ff00DEBUG: wp last, PathID: |r|cff00ffff%u|r", pathid); - QueryResult result = WorldDatabase.PQuery("SELECT MAX(point) FROM waypoint_data WHERE id = '%u'", pathid); - if (result) - Maxpoint = (*result)[0].GetUInt32(); - else - Maxpoint = 0; + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_WAYPOINT_DATA_POS_LAST_BY_ID); + stmt->setUInt32(0, pathid); + PreparedQueryResult result = WorldDatabase.Query(stmt); - result = WorldDatabase.PQuery("SELECT position_x, position_y, position_z, orientation FROM waypoint_data WHERE point ='%u' AND id = '%u'", Maxpoint, pathid); if (!result) { handler->PSendSysMessage(LANG_WAYPOINT_NOTFOUNDLAST, pathid); @@ -1018,7 +1060,10 @@ public: if (show == "off") { - QueryResult result = WorldDatabase.PQuery("SELECT guid FROM creature WHERE id = '%u'", 1); + PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_SEL_CREATURE_BY_ID); + stmt->setUInt32(0, 1); + PreparedQueryResult result = WorldDatabase.Query(stmt); + if (!result) { handler->SendSysMessage(LANG_WAYPOINT_VP_NOTFOUND); @@ -1051,7 +1096,7 @@ public: } while (result->NextRow()); // set "wpguid" column to "empty" - no visual waypoint spawned - PreparedStatement* stmt = WorldDatabase.GetPreparedStatement(WORLD_UPD_ALL_WAYPOINT_DATA_WPGUID); + stmt = WorldDatabase.GetPreparedStatement(WORLD_UPD_WAYPOINT_DATA_ALL_WPGUID); WorldDatabase.Execute(stmt); //WorldDatabase.PExecute("UPDATE creature_movement SET wpguid = '0' WHERE wpguid <> '0'"); diff --git a/src/server/shared/Database/Implementation/CharacterDatabase.cpp b/src/server/shared/Database/Implementation/CharacterDatabase.cpp index 29026b9bef7..9c0c91e8152 100644 --- a/src/server/shared/Database/Implementation/CharacterDatabase.cpp +++ b/src/server/shared/Database/Implementation/CharacterDatabase.cpp @@ -28,12 +28,13 @@ void CharacterDatabaseConnection::DoPrepareStatements() PREPARE_STATEMENT(CHAR_DEL_EXPIRED_BANS, "UPDATE character_banned SET active = 0 WHERE unbandate <= UNIX_TIMESTAMP() AND unbandate <> bandate", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_SEL_GUID_BY_NAME, "SELECT guid FROM characters WHERE name = ?", CONNECTION_BOTH); PREPARE_STATEMENT(CHAR_SEL_CHECK_NAME, "SELECT 1 FROM characters WHERE name = ?", CONNECTION_ASYNC); + PREPARE_STATEMENT(CHAR_SEL_CHECK_GUID, "SELECT 1 FROM characters WHERE guid = ?", CONNECTION_SYNCH); PREPARE_STATEMENT(CHAR_SEL_SUM_CHARS, "SELECT COUNT(guid) FROM characters WHERE account = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(CHAR_SEL_CHAR_CREATE_INFO, "SELECT level, race, class FROM characters WHERE account = ? LIMIT 0, ?", CONNECTION_ASYNC); PREPARE_STATEMENT(CHAR_INS_CHARACTER_BAN, "INSERT INTO character_banned VALUES (?, UNIX_TIMESTAMP(), UNIX_TIMESTAMP()+?, ?, ?, 1)", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_UPD_CHARACTER_BAN, "UPDATE character_banned SET active = 0 WHERE guid = ? AND active != 0", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_SEL_BANINFO, "SELECT FROM_UNIXTIME(bandate), unbandate-bandate, active, unbandate, banreason, bannedby FROM character_banned WHERE guid = ? ORDER BY bandate ASC", CONNECTION_SYNCH) - PREPARE_STATEMENT(CHAR_SEL_GUID_BY_NAME_FILTER, "SELECT guid, name FROM characters WHERE name LIKE CONCAT('%', ?, '%')", CONNECTION_SYNCH) + PREPARE_STATEMENT(CHAR_SEL_GUID_BY_NAME_FILTER, "SELECT guid, name FROM characters WHERE name LIKE CONCAT('%%', ?, '%%')", CONNECTION_SYNCH) PREPARE_STATEMENT(CHAR_SEL_BANINFO_LIST, "SELECT bandate, unbandate, bannedby, banreason FROM character_banned WHERE guid = ? ORDER BY unbandate", CONNECTION_SYNCH) PREPARE_STATEMENT(CHAR_SEL_BANNED_NAME, "SELECT characters.name FROM characters, character_banned WHERE character_banned.guid = ? AND character_banned.guid = characters.guid", CONNECTION_SYNCH) PREPARE_STATEMENT(CHAR_SEL_ENUM, "SELECT c.guid, c.name, c.race, c.class, c.gender, c.playerBytes, c.playerBytes2, c.level, c.zone, c.map, c.position_x, c.position_y, c.position_z, gm.guildid, c.playerFlags, c.at_login, cp.entry, cp.modelid, cp.level, c.equipmentCache, cb.guid FROM characters AS c LEFT JOIN character_pet AS cp ON c.guid = cp.owner AND cp.slot = ? LEFT JOIN guild_member AS gm ON c.guid = gm.guid LEFT JOIN character_banned AS cb ON c.guid = cb.guid AND cb.active = 1 WHERE c.account = ? ORDER BY c.guid", CONNECTION_ASYNC); @@ -44,6 +45,11 @@ void CharacterDatabaseConnection::DoPrepareStatements() PREPARE_STATEMENT(CHAR_SEL_PET_SLOT_BY_ID, "SELECT slot, entry FROM character_pet WHERE owner = ? AND id = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(CHAR_SEL_FREE_NAME, "SELECT guid, name FROM characters WHERE guid = ? AND account = ? AND (at_login & ?) = ? AND NOT EXISTS (SELECT NULL FROM characters WHERE name = ?)", CONNECTION_ASYNC); PREPARE_STATEMENT(CHAR_SEL_GUID_RACE_ACC_BY_NAME, "SELECT guid, race, account FROM characters WHERE name = ?", CONNECTION_BOTH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_RACE, "SELECT race FROM characters WHERE guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_LEVEL, "SELECT level FROM characters WHERE guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_ZONE, "SELECT zone FROM characters WHERE guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_POSITION_XYZ, "SELECT map, position_x, position_y, position_z FROM characters WHERE guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_POSITION, "SELECT position_x, position_y, position_z, orientation, map, taxi_path FROM characters WHERE guid = ?", CONNECTION_SYNCH); PREPARE_STATEMENT(CHAR_DEL_QUEST_STATUS_DAILY, "DELETE FROM character_queststatus_daily", CONNECTION_ASYNC); PREPARE_STATEMENT(CHAR_DEL_QUEST_STATUS_WEEKLY, "DELETE FROM character_queststatus_weekly", CONNECTION_ASYNC); PREPARE_STATEMENT(CHAR_DEL_QUEST_STATUS_SEASONAL, "DELETE FROM character_queststatus_seasonal WHERE event = ?", CONNECTION_ASYNC); @@ -78,11 +84,12 @@ void CharacterDatabaseConnection::DoPrepareStatements() PREPARE_STATEMENT(CHAR_SEL_CHARACTER_ACTIONS, "SELECT a.button, a.action, a.type FROM character_action as a, characters as c WHERE a.guid = c.guid AND a.spec = c.activespec AND a.guid = ? ORDER BY button", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_SEL_CHARACTER_MAILCOUNT, "SELECT COUNT(id) FROM mail WHERE receiver = ? AND (checked & 1) = 0 AND deliver_time <= ?", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_SEL_CHARACTER_MAILDATE, "SELECT MIN(deliver_time) FROM mail WHERE receiver = ? AND (checked & 1) = 0", CONNECTION_ASYNC) + PREPARE_STATEMENT(CHAR_SEL_MAIL_COUNT, "SELECT COUNT(*) FROM mail WHERE receiver = ?", CONNECTION_SYNCH); PREPARE_STATEMENT(CHAR_SEL_CHARACTER_SOCIALLIST, "SELECT friend, flags, note FROM character_social JOIN characters ON characters.guid = character_social.friend WHERE character_social.guid = ? AND deleteinfos_name IS NULL LIMIT 255", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_SEL_CHARACTER_HOMEBIND, "SELECT mapId, zoneId, posX, posY, posZ FROM character_homebind WHERE guid = ?", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_SEL_CHARACTER_SPELLCOOLDOWNS, "SELECT spell, item, time FROM character_spell_cooldown WHERE guid = ?", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_SEL_CHARACTER_DECLINEDNAMES, "SELECT genitive, dative, accusative, instrumental, prepositional FROM character_declinedname WHERE guid = ?", CONNECTION_ASYNC) - PREPARE_STATEMENT(CHAR_SEL_GUILD_MEMBER, "SELECT guildid, rank FROM guild_member WHERE guid = ?", CONNECTION_ASYNC) + PREPARE_STATEMENT(CHAR_SEL_GUILD_MEMBER, "SELECT guildid, rank FROM guild_member WHERE guid = ?", CONNECTION_BOTH) PREPARE_STATEMENT(CHAR_SEL_CHARACTER_ACHIEVEMENTS, "SELECT achievement, date FROM character_achievement WHERE guid = ?", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_SEL_CHARACTER_CRITERIAPROGRESS, "SELECT criteria, counter, date FROM character_achievement_progress WHERE guid = ?", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_SEL_CHARACTER_EQUIPMENTSETS, "SELECT setguid, setindex, name, iconname, item0, item1, item2, item3, item4, item5, item6, item7, item8, " @@ -103,6 +110,7 @@ void CharacterDatabaseConnection::DoPrepareStatements() PREPARE_STATEMENT(CHAR_SEL_AUCTIONS, "SELECT id, auctioneerguid, itemguid, itemEntry, itemowner, buyoutprice, time, buyguid, lastbid, startbid, deposit FROM auctionhouse ah INNER JOIN item_instance ii ON ii.guid = ah.itemguid", CONNECTION_SYNCH) PREPARE_STATEMENT(CHAR_INS_AUCTION, "INSERT INTO auctionhouse (id, auctioneerguid, itemguid, itemowner, buyoutprice, time, buyguid, lastbid, startbid, deposit) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_DEL_AUCTION, "DELETE FROM auctionhouse WHERE id = ?", CONNECTION_ASYNC) + PREPARE_STATEMENT(CHAR_SEL_AUCTION_BY_TIME, "SELECT id FROM auctionhouse WHERE time <= ? ORDER BY TIME ASC", CONNECTION_SYNCH); PREPARE_STATEMENT(CHAR_INS_MAIL, "INSERT INTO mail(id, messageType, stationery, mailTemplateId, sender, receiver, subject, body, has_items, expire_time, deliver_time, money, cod, checked) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_DEL_MAIL, "DELETE FROM mail WHERE id = ?", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_INS_MAIL_ITEM, "INSERT INTO mail_items(mail_id, item_guid, receiver) VALUES (?, ?, ?)", CONNECTION_ASYNC) @@ -127,10 +135,14 @@ void CharacterDatabaseConnection::DoPrepareStatements() PREPARE_STATEMENT(CHAR_DEL_ITEM_INSTANCE, "DELETE FROM item_instance WHERE guid = ?", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_UPD_GIFT_OWNER, "UPDATE character_gifts SET guid = ? WHERE item_guid = ?", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_DEL_GIFT, "DELETE FROM character_gifts WHERE item_guid = ?", CONNECTION_ASYNC) + PREPARE_STATEMENT(CHAR_SEL_CHARACTER_GIFT_BY_ITEM, "SELECT entry, flags FROM character_gifts WHERE item_guid = ?", CONNECTION_SYNCH); PREPARE_STATEMENT(CHAR_SEL_ACCOUNT_BY_NAME, "SELECT account FROM characters WHERE name = ?", CONNECTION_SYNCH) + PREPARE_STATEMENT(CHAR_SEL_ACCOUNT_BY_GUID, "SELECT account FROM characters WHERE guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_ACCOUNT_NAME_BY_GUID, "SELECT account, name FROM characters WHERE guid = ?", CONNECTION_SYNCH); PREPARE_STATEMENT(CHAR_DEL_ACCOUNT_INSTANCE_LOCK_TIMES, "DELETE FROM account_instance_times WHERE accountId = ?", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_INS_ACCOUNT_INSTANCE_LOCK_TIMES, "INSERT INTO account_instance_times (accountId, instanceId, releaseTime) VALUES (?, ?, ?)", CONNECTION_ASYNC) PREPARE_STATEMENT(CHAR_SEL_CHARACTER_NAME_CLASS, "SELECT name, class FROM characters WHERE guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHARACTER_NAME, "SELECT name FROM characters WHERE guid = ?", CONNECTION_SYNCH); PREPARE_STATEMENT(CHAR_SEL_MATCH_MAKER_RATING, "SELECT matchMakerRating FROM character_arena_stats WHERE guid = ? AND slot = ?", CONNECTION_SYNCH); PREPARE_STATEMENT(CHAR_SEL_CHARACTER_COUNT, "SELECT account, COUNT(guid) FROM characters WHERE account = ? GROUP BY account", CONNECTION_ASYNC); PREPARE_STATEMENT(CHAR_UPD_NAME, "UPDATE characters set name = ?, at_login = at_login & ~ ? WHERE guid = ?", CONNECTION_ASYNC); @@ -263,6 +275,13 @@ void CharacterDatabaseConnection::DoPrepareStatements() PREPARE_STATEMENT(CHAR_SEL_PETITION_SIGNATURE, "SELECT playerguid FROM petition_sign WHERE petitionguid = ?", CONNECTION_SYNCH); PREPARE_STATEMENT(CHAR_DEL_ALL_PETITION_SIGNATURES, "DELETE FROM petition_sign WHERE playerguid = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(CHAR_DEL_PETITION_SIGNATURE, "DELETE FROM petition_sign WHERE playerguid = ? AND type = ?", CONNECTION_ASYNC); + PREPARE_STATEMENT(CHAR_SEL_PETITION_BY_OWNER, "SELECT petitionguid FROM petition WHERE ownerguid = ? AND type = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_PETITION_TYPE, "SELECT type FROM petition WHERE petitionguid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_PETITION_SIGNATURES, "SELECT ownerguid, (SELECT COUNT(playerguid) FROM petition_sign WHERE petition_sign.petitionguid = ?) AS signs, type FROM petition WHERE petitionguid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_PETITION_SIG_BY_ACCOUNT, "SELECT playerguid FROM petition_sign WHERE player_account = ? AND petitionguid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_PETITION_OWNER_BY_GUID, "SELECT ownerguid FROM petition WHERE petitionguid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_PETITION_SIG_BY_GUID, "SELECT ownerguid, petitionguid FROM petition_sign WHERE playerguid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_PETITION_SIG_BY_GUID_TYPE, "SELECT ownerguid, petitionguid FROM petition_sign WHERE playerguid = ? AND type = ?", CONNECTION_SYNCH); // Arena teams PREPARE_STATEMENT(CHAR_SEL_CHARACTER_ARENAINFO, "SELECT arenaTeamId, weekGames, seasonGames, seasonWins, personalRating FROM arena_team_member WHERE guid = ?", CONNECTION_ASYNC) @@ -389,5 +408,44 @@ void CharacterDatabaseConnection::DoPrepareStatements() PREPARE_STATEMENT(CHAR_DEL_CHARACTER_SOCIAL, "DELETE FROM character_social WHERE guid = ? AND friend = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(CHAR_UPD_CHARACTER_SOCIAL_NOTE, "UPDATE character_social SET note = ? WHERE guid = ? AND friend = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(CHAR_UPD_CHARACTER_POSITION, "UPDATE characters SET position_x = ?, position_y = ?, position_z = ?, orientation = ?, map = ?, zone = ?, trans_x = 0, trans_y = 0, trans_z = 0, transguid = 0, taxi_path = '' WHERE guid = ?", CONNECTION_ASYNC); - + PREPARE_STATEMENT(CHAR_SEL_CHARACTER_AURA_FROZEN, "SELECT characters.name FROM characters LEFT JOIN character_aura ON (characters.guid = character_aura.guid) WHERE character_aura.spell = 9454", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHARACTER_ONLINE, "SELECT name, account, map, zone FROM characters WHERE online > 0", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_DEL_INFO_BY_GUID, "SELECT guid, deleteInfos_Name, deleteInfos_Account, deleteDate FROM characters WHERE deleteDate IS NOT NULL AND guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_DEL_INFO_BY_NAME, "SELECT guid, deleteInfos_Name, deleteInfos_Account, deleteDate FROM characters WHERE deleteDate IS NOT NULL AND deleteInfos_Name LIKE CONCAT('%%', ?, '%%')", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_DEL_INFO, "SELECT guid, deleteInfos_Name, deleteInfos_Account, deleteDate FROM characters WHERE deleteDate IS NOT NULL", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHARS_BY_ACCOUNT_ID, "SELECT guid FROM characters WHERE account = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_PINFO, "SELECT totaltime, level, money, account, race, class, map, zone FROM characters WHERE guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_PINFO_BANS, "SELECT unbandate, bandate = unbandate, bannedby, banreason FROM character_banned WHERE guid = ? AND active ORDER BY bandate ASC LIMIT 1", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_HOMEBIND, "SELECT mapId, zoneId, posX, posY, posZ FROM character_homebind WHERE guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_GUID_NAME_BY_ACC, "SELECT guid, name FROM characters WHERE account = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_POOL_QUEST_SAVE, "SELECT quest_id FROM pool_quest_save WHERE pool_id = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHARACTER_AT_LOGIN, "SELECT at_login FROM characters WHERE guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_CLASS_LVL_AT_LOGIN, "SELECT class, level, at_login FROM characters WHERE guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_INSTANCE, "SELECT data, completedEncounters FROM instance WHERE map = ? AND id = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_PET_SPELL_LIST, "SELECT DISTINCT pet_spell.spell FROM pet_spell, character_pet WHERE character_pet.owner = ? AND character_pet.id = pet_spell.guid AND character_pet.id <> ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_PET, "SELECT id FROM character_pet WHERE owner = ? AND id <> ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_PETS, "SELECT id FROM character_pet WHERE owner = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_COD_ITEM_MAIL, "SELECT id, messageType, mailTemplateId, sender, subject, body, money, has_items FROM mail WHERE receiver = ? AND has_items <> 0 AND cod <> 0", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_SOCIAL, "SELECT DISTINCT guid FROM character_social WHERE friend = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_PET_AURA, "SELECT caster_guid, spell, effect_mask, recalculate_mask, stackcount, amount0, amount1, amount2, base_amount0, base_amount1, base_amount2, maxduration, remaintime, remaincharges FROM pet_aura WHERE guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_OLD_CHARS, "SELECT guid, deleteInfos_Account FROM characters WHERE deleteDate IS NOT NULL AND deleteDate < ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_ARENA_TEAM_ID_BY_PLAYER_GUID, "SELECT arena_team_member.arenateamid FROM arena_team_member JOIN arena_team ON arena_team_member.arenateamid = arena_team.arenateamid WHERE guid = ? AND type = ? LIMIT 1", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_MAIL, "SELECT id, messageType, sender, receiver, subject, body, has_items, expire_time, deliver_time, money, cod, checked, stationery, mailTemplateId FROM mail WHERE receiver = ? ORDER BY id DESC", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_PLAYERBYTES2, "SELECT playerBytes2 FROM characters WHERE guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_PET_SPELL, "SELECT spell, active FROM pet_spell WHERE guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_PET_SPELL_COOLDOWN, "SELECT spell, time FROM pet_spell_cooldown WHERE guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_PET_DECLINED_NAME, "SELECT genitive, dative, accusative, instrumental, prepositional FROM character_pet_declinedname WHERE owner = ? AND id = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_GUID_BY_NAME, "SELECT characters.guid FROM characters WHERE characters.name = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_DEL_CHAR_AURA_FROZEN, "DELETE FROM character_aura WHERE character_aura.spell = 9454 AND character_aura.guid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_INVENTORY_COUNT_ITEM, "SELECT COUNT(itemEntry) FROM character_inventory ci INNER JOIN item_instance ii ON ii.guid = ci.item WHERE itemEntry = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_MAIL_COUNT_ITEM, "SELECT COUNT(itemEntry) FROM mail_items mi INNER JOIN item_instance ii ON ii.guid = mi.item_guid WHERE itemEntry = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_AUCTIONHOUSE_COUNT_ITEM,"SELECT COUNT(itemEntry) FROM auctionhouse ah INNER JOIN item_instance ii ON ii.guid = ah.itemguid WHERE itemEntry = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_GUILD_BANK_COUNT_ITEM, "SELECT COUNT(itemEntry) FROM guild_bank_item gbi INNER JOIN item_instance ii ON ii.guid = gbi.item_guid WHERE itemEntry = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_INVENTORY_ITEM_BY_ENTRY, "SELECT ci.item, cb.slot AS bag, ci.slot, ci.guid, c.account, c.name FROM characters c INNER JOIN character_inventory ci ON ci.guid = c.guid INNER JOIN item_instance ii ON ii.guid = ci.item LEFT JOIN character_inventory cb ON cb.item = ci.bag WHERE ii.itemEntry = ? LIMIT ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_MAIL_ITEMS_BY_ENTRY, "SELECT mi.item_guid, m.sender, m.receiver, cs.account, cs.name, cr.account, cr.name FROM mail m INNER JOIN mail_items mi ON mi.mail_id = m.id INNER JOIN item_instance ii ON ii.guid = mi.item_guid INNER JOIN characters cs ON cs.guid = m.sender INNER JOIN characters cr ON cr.guid = m.receiver WHERE ii.itemEntry = ? LIMIT ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_AUCTIONHOUSE_ITEM_BY_ENTRY, "SELECT ah.itemguid, ah.itemowner, c.account, c.name FROM auctionhouse ah INNER JOIN characters c ON c.guid = ah.itemowner INNER JOIN item_instance ii ON ii.guid = ah.itemguid WHERE ii.itemEntry = ? LIMIT ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_GUILD_BANK_ITEM_BY_ENTRY, "SELECT gi.item_guid, gi.guildid, g.name FROM guild_bank_item gi INNER JOIN guild g ON g.guildid = gi.guildid INNER JOIN item_instance ii ON ii.guid = gi.item_guid WHERE ii.itemEntry = ? LIMIT ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_PET_BY_ENTRY, "SELECT id, entry, owner, modelid, level, exp, Reactstate, slot, name, renamed, curhealth, curmana, curhappiness, abdata, savetime, CreatedBySpell, PetType FROM character_pet WHERE owner = ? AND id = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_PET_BY_ENTRY_AND_SLOT, "SELECT id, entry, owner, modelid, level, exp, Reactstate, slot, name, renamed, curhealth, curmana, curhappiness, abdata, savetime, CreatedBySpell, PetType FROM character_pet WHERE owner = ? AND entry = ? AND (slot = ? OR slot > ?)", CONNECTION_SYNCH); + PREPARE_STATEMENT(CHAR_SEL_CHAR_PET_BY_SLOT, "SELECT id, entry, owner, modelid, level, exp, Reactstate, slot, name, renamed, curhealth, curmana, curhappiness, abdata, savetime, CreatedBySpell, PetType FROM character_pet WHERE owner = ? AND (slot = ? OR slot > ?) ", CONNECTION_SYNCH); } diff --git a/src/server/shared/Database/Implementation/CharacterDatabase.h b/src/server/shared/Database/Implementation/CharacterDatabase.h index 2f2aa2301d1..3752051716f 100644 --- a/src/server/shared/Database/Implementation/CharacterDatabase.h +++ b/src/server/shared/Database/Implementation/CharacterDatabase.h @@ -48,6 +48,7 @@ enum CharacterDatabaseStatements CHAR_DEL_EXPIRED_BANS, CHAR_SEL_GUID_BY_NAME, CHAR_SEL_CHECK_NAME, + CHAR_SEL_CHECK_GUID, CHAR_SEL_SUM_CHARS, CHAR_SEL_CHAR_CREATE_INFO, CHAR_INS_CHARACTER_BAN, @@ -64,6 +65,11 @@ enum CharacterDatabaseStatements CHAR_SEL_PET_SLOT_BY_ID, CHAR_SEL_FREE_NAME, CHAR_SEL_GUID_RACE_ACC_BY_NAME, + CHAR_SEL_CHAR_RACE, + CHAR_SEL_CHAR_LEVEL, + CHAR_SEL_CHAR_ZONE, + CHAR_SEL_CHAR_POSITION_XYZ, + CHAR_SEL_CHAR_POSITION, CHAR_DEL_QUEST_STATUS_DAILY, CHAR_DEL_QUEST_STATUS_WEEKLY, CHAR_DEL_QUEST_STATUS_SEASONAL, @@ -91,6 +97,7 @@ enum CharacterDatabaseStatements CHAR_SEL_CHARACTER_ACTIONS_SPEC, CHAR_SEL_CHARACTER_MAILCOUNT, CHAR_SEL_CHARACTER_MAILDATE, + CHAR_SEL_MAIL_COUNT, CHAR_SEL_CHARACTER_SOCIALLIST, CHAR_SEL_CHARACTER_HOMEBIND, CHAR_SEL_CHARACTER_SPELLCOOLDOWNS, @@ -112,6 +119,7 @@ enum CharacterDatabaseStatements CHAR_SEL_AUCTION_ITEMS, CHAR_INS_AUCTION, CHAR_DEL_AUCTION, + CHAR_SEL_AUCTION_BY_TIME, CHAR_SEL_AUCTIONS, CHAR_INS_MAIL, CHAR_DEL_MAIL, @@ -136,14 +144,18 @@ enum CharacterDatabaseStatements CHAR_DEL_ITEM_INSTANCE, CHAR_UPD_GIFT_OWNER, CHAR_DEL_GIFT, + CHAR_SEL_CHARACTER_GIFT_BY_ITEM, CHAR_SEL_ACCOUNT_BY_NAME, + CHAR_SEL_ACCOUNT_BY_GUID, CHAR_DEL_ACCOUNT_INSTANCE_LOCK_TIMES, CHAR_INS_ACCOUNT_INSTANCE_LOCK_TIMES, CHAR_SEL_CHARACTER_NAME_CLASS, + CHAR_SEL_CHARACTER_NAME, CHAR_SEL_MATCH_MAKER_RATING, CHAR_SEL_CHARACTER_COUNT, CHAR_UPD_NAME, CHAR_DEL_DECLINED_NAME, + CHAR_SEL_ACCOUNT_NAME_BY_GUID, CHAR_INS_GUILD, CHAR_DEL_GUILD, @@ -259,6 +271,13 @@ enum CharacterDatabaseStatements CHAR_SEL_PETITION_SIGNATURE, CHAR_DEL_ALL_PETITION_SIGNATURES, CHAR_DEL_PETITION_SIGNATURE, + CHAR_SEL_PETITION_BY_OWNER, + CHAR_SEL_PETITION_TYPE, + CHAR_SEL_PETITION_SIGNATURES, + CHAR_SEL_PETITION_SIG_BY_ACCOUNT, + CHAR_SEL_PETITION_OWNER_BY_GUID, + CHAR_SEL_PETITION_SIG_BY_GUID, + CHAR_SEL_PETITION_SIG_BY_GUID_TYPE, CHAR_INS_PLAYER_BGDATA, CHAR_DEL_PLAYER_BGDATA, @@ -350,6 +369,49 @@ enum CharacterDatabaseStatements CHAR_INS_LFG_DATA, CHAR_DEL_LFG_DATA, + CHAR_SEL_CHARACTER_AURA_FROZEN, + CHAR_SEL_CHARACTER_ONLINE, + + CHAR_SEL_CHAR_DEL_INFO_BY_GUID, + CHAR_SEL_CHAR_DEL_INFO_BY_NAME, + CHAR_SEL_CHAR_DEL_INFO, + + CHAR_SEL_CHARS_BY_ACCOUNT_ID, + CHAR_SEL_CHAR_PINFO, + CHAR_SEL_PINFO_BANS, + CHAR_SEL_CHAR_HOMEBIND, + CHAR_SEL_CHAR_GUID_NAME_BY_ACC, + CHAR_SEL_POOL_QUEST_SAVE, + CHAR_SEL_CHARACTER_AT_LOGIN, + CHAR_SEL_CHAR_CLASS_LVL_AT_LOGIN, + CHAR_SEL_INSTANCE, + CHAR_SEL_PET_SPELL_LIST, + CHAR_SEL_CHAR_PET, + CHAR_SEL_CHAR_PETS, + CHAR_SEL_CHAR_COD_ITEM_MAIL, + CHAR_SEL_CHAR_SOCIAL, + CHAR_SEL_PET_AURA, + CHAR_SEL_CHAR_OLD_CHARS, + CHAR_SEL_ARENA_TEAM_ID_BY_PLAYER_GUID, + CHAR_SEL_MAIL, + CHAR_SEL_CHAR_PLAYERBYTES2, + CHAR_SEL_PET_SPELL, + CHAR_SEL_PET_SPELL_COOLDOWN, + CHAR_SEL_PET_DECLINED_NAME, + CHAR_SEL_CHAR_GUID_BY_NAME, + CHAR_DEL_CHAR_AURA_FROZEN, + CHAR_SEL_CHAR_INVENTORY_COUNT_ITEM, + CHAR_SEL_MAIL_COUNT_ITEM, + CHAR_SEL_AUCTIONHOUSE_COUNT_ITEM, + CHAR_SEL_GUILD_BANK_COUNT_ITEM, + CHAR_SEL_CHAR_INVENTORY_ITEM_BY_ENTRY, + CHAR_SEL_MAIL_ITEMS_BY_ENTRY, + CHAR_SEL_AUCTIONHOUSE_ITEM_BY_ENTRY, + CHAR_SEL_GUILD_BANK_ITEM_BY_ENTRY, + CHAR_SEL_CHAR_PET_BY_ENTRY, + CHAR_SEL_CHAR_PET_BY_ENTRY_AND_SLOT, + CHAR_SEL_CHAR_PET_BY_SLOT, + MAX_CHARACTERDATABASE_STATEMENTS, }; diff --git a/src/server/shared/Database/Implementation/LoginDatabase.cpp b/src/server/shared/Database/Implementation/LoginDatabase.cpp index 8ef8d3b48cf..ca7d4f95cfb 100755 --- a/src/server/shared/Database/Implementation/LoginDatabase.cpp +++ b/src/server/shared/Database/Implementation/LoginDatabase.cpp @@ -27,7 +27,11 @@ void LoginDatabaseConnection::DoPrepareStatements() PREPARE_STATEMENT(LOGIN_UPD_EXPIRED_ACCOUNT_BANS, "UPDATE account_banned SET active = 0 WHERE active = 1 AND unbandate<>bandate AND unbandate<=UNIX_TIMESTAMP()", CONNECTION_ASYNC) PREPARE_STATEMENT(LOGIN_SEL_IP_BANNED, "SELECT * FROM ip_banned WHERE ip = ?", CONNECTION_SYNCH) PREPARE_STATEMENT(LOGIN_INS_IP_AUTO_BANNED, "INSERT INTO ip_banned VALUES (?, UNIX_TIMESTAMP(), UNIX_TIMESTAMP()+?, 'Trinity realmd', 'Failed login autoban')", CONNECTION_ASYNC) + PREPARE_STATEMENT(LOGIN_SEL_IP_BANNED_ALL, "SELECT ip, bandate, unbandate, bannedby, banreason FROM ip_banned WHERE (bandate = unbandate OR unbandate > UNIX_TIMESTAMP()) ORDER BY unbandate", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_IP_BANNED_BY_IP, "SELECT ip, bandate, unbandate, bannedby, banreason FROM ip_banned WHERE (bandate = unbandate OR unbandate > UNIX_TIMESTAMP()) AND ip LIKE CONCAT('%%', ?, '%%') ORDER BY unbandate", CONNECTION_SYNCH); PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_BANNED, "SELECT bandate, unbandate FROM account_banned WHERE id = ? AND active = 1", CONNECTION_SYNCH) + PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_BANNED_ALL, "SELECT account.id, username FROM account, account_banned WHERE account.id = account_banned.id AND active = 1 GROUP BY account.id", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_BANNED_BY_USERNAME, "SELECT account.id, username FROM account, account_banned WHERE account.id = account_banned.id AND active = 1 AND username LIKE CONCAT('%%', ?, '%%') GROUP BY account.id", CONNECTION_SYNCH); PREPARE_STATEMENT(LOGIN_INS_ACCOUNT_AUTO_BANNED, "INSERT INTO account_banned VALUES (?, UNIX_TIMESTAMP(), UNIX_TIMESTAMP()+?, 'Trinity realmd', 'Failed login autoban', 1)", CONNECTION_ASYNC) PREPARE_STATEMENT(LOGIN_SEL_SESSIONKEY, "SELECT a.sessionkey, a.id, aa.gmlevel FROM account a LEFT JOIN account_access aa ON (a.id = aa.id) WHERE username = ?", CONNECTION_SYNCH) PREPARE_STATEMENT(LOGIN_UPD_VS, "UPDATE account SET v = ?, s = ? WHERE username = ?", CONNECTION_ASYNC) @@ -36,8 +40,12 @@ void LoginDatabaseConnection::DoPrepareStatements() PREPARE_STATEMENT(LOGIN_UPD_FAILEDLOGINS, "UPDATE account SET failed_logins = failed_logins + 1 WHERE username = ?", CONNECTION_ASYNC) PREPARE_STATEMENT(LOGIN_SEL_FAILEDLOGINS, "SELECT id, failed_logins FROM account WHERE username = ?", CONNECTION_SYNCH) PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_ID_BY_NAME, "SELECT id FROM account WHERE username = ?", CONNECTION_SYNCH) + PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_LIST_BY_NAME, "SELECT id, username FROM account WHERE username = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_INFO_BY_NAME, "SELECT id, sessionkey, last_ip, locked, v, s, expansion, mutetime, locale, recruiter, os FROM account WHERE username = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_LIST_BY_EMAIL, "SELECT id, username FROM account WHERE email = ?", CONNECTION_SYNCH); PREPARE_STATEMENT(LOGIN_SEL_NUM_CHARS_ON_REALM, "SELECT numchars FROM realmcharacters WHERE realmid = ? AND acctid= ?", CONNECTION_SYNCH) - PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_BY_IP, "SELECT id FROM account WHERE last_ip = ?", CONNECTION_SYNCH) + PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_BY_IP, "SELECT id, username FROM account WHERE last_ip = ?", CONNECTION_SYNCH) + PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_BY_ID, "SELECT 1 FROM account WHERE id = ?", CONNECTION_SYNCH); PREPARE_STATEMENT(LOGIN_INS_IP_BANNED, "INSERT INTO ip_banned VALUES (?, UNIX_TIMESTAMP(), UNIX_TIMESTAMP()+?, ?, ?)", CONNECTION_ASYNC) PREPARE_STATEMENT(LOGIN_DEL_IP_NOT_BANNED, "DELETE FROM ip_banned WHERE ip = ?", CONNECTION_ASYNC) PREPARE_STATEMENT(LOGIN_INS_ACCOUNT_BANNED, "INSERT INTO account_banned VALUES (?, UNIX_TIMESTAMP(), UNIX_TIMESTAMP()+?, ?, ?, 1)", CONNECTION_ASYNC) @@ -62,4 +70,21 @@ void LoginDatabaseConnection::DoPrepareStatements() PREPARE_STATEMENT(LOGIN_DEL_ACCOUNT_ACCESS, "DELETE FROM account_access WHERE id = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(LOGIN_DEL_ACCOUNT_ACCESS_BY_REALM, "DELETE FROM account_access WHERE id = ? AND (RealmID = ? OR RealmID = -1)", CONNECTION_ASYNC); PREPARE_STATEMENT(LOGIN_INS_ACCOUNT_ACCESS, "INSERT INTO account_access (id,gmlevel,RealmID) VALUES (?, ?, ?)", CONNECTION_ASYNC); + PREPARE_STATEMENT(LOGIN_GET_ACCOUNT_ID_BY_USERNAME, "SELECT id FROM account WHERE username = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_GET_ACCOUNT_ACCESS_GMLEVEL, "SELECT gmlevel FROM account_access WHERE id = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_GET_GMLEVEL_BY_REALMID, "SELECT gmlevel FROM account_access WHERE id = ? AND (RealmID = ? OR RealmID = -1)", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_GET_USERNAME_BY_ID, "SELECT username FROM account WHERE id = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_CHECK_PASSWORD, "SELECT 1 FROM account WHERE id = ? AND sha_pass_hash = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_CHECK_PASSWORD_BY_NAME, "SELECT 1 FROM account WHERE username = ? AND sha_pass_hash = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_PINFO, "SELECT a.username, aa.gmlevel, a.email, a.last_ip, a.last_login, a.mutetime FROM account a LEFT JOIN account_access aa ON (a.id = aa.id AND (aa.RealmID = ? OR aa.RealmID = -1)) WHERE a.id = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_PINFO_BANS, "SELECT unbandate, bandate = unbandate, bannedby, banreason FROM account_banned WHERE id = ? AND active ORDER BY bandate ASC LIMIT 1", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_GM_ACCOUNTS, "SELECT a.username, aa.gmlevel FROM account a, account_access aa WHERE a.id=aa.id AND aa.gmlevel >= ? AND (aa.realmid = -1 OR aa.realmid = ?)", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_INFO, "SELECT a.username, a.last_ip, aa.gmlevel, a.expansion FROM account a LEFT JOIN account_access aa ON (a.id = aa.id) WHERE a.id = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_ACCESS_GMLEVEL_TEST, "SELECT 1 FROM account_access WHERE id = ? AND gmlevel > ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_ACCESS, "SELECT a.id, aa.gmlevel, aa.RealmID FROM account a LEFT JOIN account_access aa ON (a.id = aa.id) WHERE a.username = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_RECRUITER, "SELECT 1 FROM account WHERE recruiter = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_BANS, "SELECT 1 FROM account_banned WHERE id = ? AND active = 1 UNION SELECT 1 FROM ip_banned WHERE ip = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_ACCOUNT_WHOIS, "SELECT username, email, last_ip FROM account WHERE id = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(LOGIN_SEL_REALMLIST_SECURITY_LEVEL, "SELECT allowedSecurityLevel from realmlist WHERE id = ?", CONNECTION_SYNCH); + } diff --git a/src/server/shared/Database/Implementation/LoginDatabase.h b/src/server/shared/Database/Implementation/LoginDatabase.h index afb188020c7..2994c6bb07c 100755 --- a/src/server/shared/Database/Implementation/LoginDatabase.h +++ b/src/server/shared/Database/Implementation/LoginDatabase.h @@ -48,6 +48,8 @@ enum LoginDatabaseStatements LOGIN_SEL_IP_BANNED, LOGIN_INS_IP_AUTO_BANNED, LOGIN_SEL_ACCOUNT_BANNED, + LOGIN_SEL_ACCOUNT_BANNED_ALL, + LOGIN_SEL_ACCOUNT_BANNED_BY_USERNAME, LOGIN_INS_ACCOUNT_AUTO_BANNED, LOGIN_SEL_SESSIONKEY, LOGIN_UPD_VS, @@ -56,10 +58,16 @@ enum LoginDatabaseStatements LOGIN_UPD_FAILEDLOGINS, LOGIN_SEL_FAILEDLOGINS, LOGIN_SEL_ACCOUNT_ID_BY_NAME, + LOGIN_SEL_ACCOUNT_LIST_BY_NAME, + LOGIN_SEL_ACCOUNT_INFO_BY_NAME, + LOGIN_SEL_ACCOUNT_LIST_BY_EMAIL, LOGIN_SEL_NUM_CHARS_ON_REALM, LOGIN_SEL_ACCOUNT_BY_IP, LOGIN_INS_IP_BANNED, LOGIN_DEL_IP_NOT_BANNED, + LOGIN_SEL_IP_BANNED_ALL, + LOGIN_SEL_IP_BANNED_BY_IP, + LOGIN_SEL_ACCOUNT_BY_ID, LOGIN_INS_ACCOUNT_BANNED, LOGIN_UPD_ACCOUNT_NOT_BANNED, LOGIN_DEL_REALM_CHARACTERS, @@ -82,6 +90,22 @@ enum LoginDatabaseStatements LOGIN_DEL_ACCOUNT_ACCESS, LOGIN_DEL_ACCOUNT_ACCESS_BY_REALM, LOGIN_INS_ACCOUNT_ACCESS, + LOGIN_GET_ACCOUNT_ID_BY_USERNAME, + LOGIN_GET_ACCOUNT_ACCESS_GMLEVEL, + LOGIN_GET_GMLEVEL_BY_REALMID, + LOGIN_GET_USERNAME_BY_ID, + LOGIN_SEL_CHECK_PASSWORD, + LOGIN_SEL_CHECK_PASSWORD_BY_NAME, + LOGIN_SEL_PINFO, + LOGIN_SEL_PINFO_BANS, + LOGIN_SEL_GM_ACCOUNTS, + LOGIN_SEL_ACCOUNT_INFO, + LOGIN_SEL_ACCOUNT_ACCESS_GMLEVEL_TEST, + LOGIN_SEL_ACCOUNT_ACCESS, + LOGIN_SEL_ACCOUNT_RECRUITER, + LOGIN_SEL_BANS, + LOGIN_SEL_ACCOUNT_WHOIS, + LOGIN_SEL_REALMLIST_SECURITY_LEVEL, MAX_LOGINDATABASE_STATEMENTS, }; diff --git a/src/server/shared/Database/Implementation/WorldDatabase.cpp b/src/server/shared/Database/Implementation/WorldDatabase.cpp index d9338bec401..92393acbc35 100755 --- a/src/server/shared/Database/Implementation/WorldDatabase.cpp +++ b/src/server/shared/Database/Implementation/WorldDatabase.cpp @@ -36,6 +36,7 @@ void WorldDatabaseConnection::DoPrepareStatements() PREPARE_STATEMENT(WORLD_DEL_GAME_TELE, "DELETE FROM game_tele WHERE name = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(WORLD_INS_NPC_VENODR, "INSERT INTO npc_vendor (entry, item, maxcount, incrtime, extendedcost) VALUES(?, ?, ?, ?, ?)", CONNECTION_ASYNC); PREPARE_STATEMENT(WORLD_DEL_NPC_VENDOR, "DELETE FROM npc_vendor WHERE entry = ? AND item = ?", CONNECTION_ASYNC); + PREPARE_STATEMENT(WORLD_SEL_NPC_VENDOR_REF, "SELECT item, maxcount, incrtime, ExtendedCost FROM npc_vendor WHERE entry = ? ORDER BY slot ASC", CONNECTION_SYNCH); PREPARE_STATEMENT(WORLD_UPD_CREATURE_MOVEMENT_TYPE, "UPDATE creature SET MovementType = ? WHERE guid = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(WORLD_UPD_CREATURE_FACTION, "UPDATE creature_template SET faction_A = ?, faction_H = ? WHERE entry = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(WORLD_UPD_CREATURE_NPCFLAG, "UPDATE creature_template SET npcflag = ? WHERE entry = ?", CONNECTION_ASYNC); @@ -48,10 +49,23 @@ void WorldDatabaseConnection::DoPrepareStatements() PREPARE_STATEMENT(WORLD_UPD_WAYPOINT_DATA_POINT, "UPDATE waypoint_data SET point = point - 1 WHERE id = ? AND point > ?", CONNECTION_ASYNC); PREPARE_STATEMENT(WORLD_UPD_WAYPOINT_DATA_POSITION, "UPDATE waypoint_data SET position_x = ?, position_y = ?, position_z = ? where id = ? AND point = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(WORLD_UPD_WAYPOINT_DATA_WPGUID, "UPDATE waypoint_data SET wpguid = ? WHERE id = ? and point = ?", CONNECTION_ASYNC); - PREPARE_STATEMENT(WORLD_UPD_ALL_WAYPOINT_DATA_WPGUID, "UPDATE waypoint_data SET wpguid = 0", CONNECTION_ASYNC); + PREPARE_STATEMENT(WORLD_SEL_WAYPOINT_DATA_MAX_ID, "SELECT MAX(id) FROM waypoint_data", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_WAYPOINT_DATA_MAX_POINT, "SELECT MAX(point) FROM waypoint_data WHERE id = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_WAYPOINT_DATA_BY_ID, "SELECT point, position_x, position_y, position_z, orientation, move_flag, delay, action, action_chance FROM waypoint_data WHERE id = ? ORDER BY point", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_WAYPOINT_DATA_POS_BY_ID, "SELECT point, position_x, position_y, position_z FROM waypoint_data WHERE id = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_WAYPOINT_DATA_POS_FIRST_BY_ID, "SELECT position_x, position_y, position_z FROM waypoint_data WHERE point = 1 AND id = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_WAYPOINT_DATA_POS_LAST_BY_ID, "SELECT position_x, position_y, position_z, orientation FROM waypoint_data WHERE id = ? ORDER BY point DESC LIMIT 1", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_WAYPOINT_DATA_BY_WPGUID, "SELECT id, point FROM waypoint_data WHERE wpguid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_WAYPOINT_DATA_ALL_BY_WPGUID, "SELECT id, point, delay, move_flag, action, action_chance FROM waypoint_data WHERE wpguid = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_UPD_WAYPOINT_DATA_ALL_WPGUID, "UPDATE waypoint_data SET wpguid = 0", CONNECTION_ASYNC); + PREPARE_STATEMENT(WORLD_SEL_WAYPOINT_DATA_BY_POS, "SELECT id, point FROM waypoint_data WHERE (abs(position_x - ?) <= ?) and (abs(position_y - ?) <= ?) and (abs(position_z - ?) <= ?)", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_WAYPOINT_DATA_WPGUID_BY_ID, "SELECT wpguid FROM waypoint_data WHERE id = ? and wpguid <> 0", CONNECTION_SYNCH); + PREPARE_STATEMENT(WOLRD_SEL_WAYPOINT_DATA_ACTION, "SELECT DISTINCT action FROM waypoint_data", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_WAYPOINT_SCRIPTS_MAX_ID, "SELECT MAX(guid) FROM waypoint_scripts", CONNECTION_SYNCH); PREPARE_STATEMENT(WORLD_INS_CREATURE_ADDON, "INSERT INTO creature_addon(guid, path_id) VALUES (?, ?)", CONNECTION_ASYNC); PREPARE_STATEMENT(WORLD_UPD_CREATURE_ADDON_PATH, "UPDATE creature_addon SET path_id = ? WHERE guid = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(WORLD_DEL_CREATURE_ADDON, "DELETE FROM creature_addon WHERE guid = ?", CONNECTION_ASYNC); + PREPARE_STATEMENT(WORLD_SEL_CREATURE_ADDON_BY_GUID, "SELECT guid FROM creature_addon WHERE guid = ?", CONNECTION_SYNCH); PREPARE_STATEMENT(WORLD_INS_WAYPOINT_SCRIPT, "INSERT INTO waypoint_scripts (guid) VALUES (?)", CONNECTION_ASYNC); PREPARE_STATEMENT(WORLD_DEL_WAYPOINT_SCRIPT, "DELETE FROM waypoint_scripts WHERE guid = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(WORLD_UPD_WAYPOINT_SCRIPT_ID, "UPDATE waypoint_scripts SET id = ? WHERE guid = ?", CONNECTION_ASYNC); @@ -59,7 +73,15 @@ void WorldDatabaseConnection::DoPrepareStatements() PREPARE_STATEMENT(WORLD_UPD_WAYPOINT_SCRIPT_Y, "UPDATE waypoint_scripts SET y = ? WHERE guid = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(WORLD_UPD_WAYPOINT_SCRIPT_Z, "UPDATE waypoint_scripts SET z = ? WHERE guid = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(WORLD_UPD_WAYPOINT_SCRIPT_O, "UPDATE waypoint_scripts SET o = ? WHERE guid = ?", CONNECTION_ASYNC); + PREPARE_STATEMENT(WORLD_SEL_WAYPOINT_SCRIPT_ID_BY_GUID, "SELECT id FROM waypoint_scripts WHERE guid = ?", CONNECTION_SYNCH); PREPARE_STATEMENT(WORLD_DEL_CREATURE, "DELETE FROM creature WHERE guid = ?", CONNECTION_ASYNC); PREPARE_STATEMENT(WORLD_INS_CREATURE_TRANSPORT, "INSERT INTO creature_transport (guid, npc_entry, transport_entry, TransOffsetX, TransOffsetY, TransOffsetZ, TransOffsetO) values (?, ?, ?, ?, ?, ?, ?)", CONNECTION_ASYNC); PREPARE_STATEMENT(WORLD_UPD_CREATURE_TRANSPORT_EMOTE, "UPDATE creature_transport SET emote = ? WHERE transport_entry = ? AND guid = ?", CONNECTION_ASYNC); + PREPARE_STATEMENT(WORLD_SEL_COMMANDS, "SELECT name, security, help FROM command", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_CREATURE_TEMPLATE, "SELECT difficulty_entry_1, difficulty_entry_2, difficulty_entry_3, KillCredit1, KillCredit2, modelid1, modelid2, modelid3, modelid4, name, subname, IconName, gossip_menu_id, minlevel, maxlevel, exp, faction_A, faction_H, npcflag, speed_walk, speed_run, scale, rank, mindmg, maxdmg, dmgschool, attackpower, dmg_multiplier, baseattacktime, rangeattacktime, unit_class, unit_flags, dynamicflags, family, trainer_type, trainer_spell, trainer_class, trainer_race, minrangedmg, maxrangedmg, rangedattackpower, type, type_flags, lootid, pickpocketloot, skinloot, resistance1, resistance2, resistance3, resistance4, resistance5, resistance6, spell1, spell2, spell3, spell4, spell5, spell6, spell7, spell8, PetSpellDataId, VehicleId, mingold, maxgold, AIName, MovementType, InhabitType, HoverHeight, Health_mod, Mana_mod, Armor_mod, RacialLeader, questItem1, questItem2, questItem3, questItem4, questItem5, questItem6, movementId, RegenHealth, equipment_id, mechanic_immune_mask, flags_extra, ScriptName FROM creature_template WHERE entry = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_WAYPOINT_SCRIPT_BY_ID, "SELECT guid, delay, command, datalong, datalong2, dataint, x, y, z, o FROM waypoint_scripts WHERE id = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_IP2NATION_COUNTRY, "SELECT c.country FROM ip2nationCountries c, ip2nation i WHERE i.ip < ? AND c.code = i.country ORDER BY i.ip DESC LIMIT 0,1", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_ITEM_TEMPLATE_BY_NAME, "SELECT entry FROM item_template WHERE name = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_CREATURE_BY_ID, "SELECT guid FROM creature WHERE id = ?", CONNECTION_SYNCH); + PREPARE_STATEMENT(WORLD_SEL_GAMEOBJECT_NEAREST, "SELECT guid, id, position_x, position_y, position_z, map, (POW(position_x - ?, 2) + POW(position_y - ?, 2) + POW(position_z - ?, 2)) AS order_ FROM gameobject WHERE map = ? AND (POW(position_x - ?, 2) + POW(position_y - ?, 2) + POW(position_z - ?, 2)) <= ? ORDER BY order_", CONNECTION_SYNCH); } diff --git a/src/server/shared/Database/Implementation/WorldDatabase.h b/src/server/shared/Database/Implementation/WorldDatabase.h index 1d7cd1151e5..9b019306891 100755 --- a/src/server/shared/Database/Implementation/WorldDatabase.h +++ b/src/server/shared/Database/Implementation/WorldDatabase.h @@ -56,6 +56,7 @@ enum WorldDatabaseStatements WORLD_DEL_GAME_TELE, WORLD_INS_NPC_VENODR, WORLD_DEL_NPC_VENDOR, + WORLD_SEL_NPC_VENDOR_REF, WORLD_UPD_CREATURE_MOVEMENT_TYPE, WORLD_UPD_CREATURE_FACTION, WORLD_UPD_CREATURE_NPCFLAG, @@ -68,10 +69,23 @@ enum WorldDatabaseStatements WORLD_UPD_WAYPOINT_DATA_POINT, WORLD_UPD_WAYPOINT_DATA_POSITION, WORLD_UPD_WAYPOINT_DATA_WPGUID, - WORLD_UPD_ALL_WAYPOINT_DATA_WPGUID, + WORLD_UPD_WAYPOINT_DATA_ALL_WPGUID, + WORLD_SEL_WAYPOINT_DATA_MAX_ID, + WORLD_SEL_WAYPOINT_DATA_BY_ID, + WORLD_SEL_WAYPOINT_DATA_POS_BY_ID, + WORLD_SEL_WAYPOINT_DATA_POS_FIRST_BY_ID, + WORLD_SEL_WAYPOINT_DATA_POS_LAST_BY_ID, + WORLD_SEL_WAYPOINT_DATA_BY_WPGUID, + WORLD_SEL_WAYPOINT_DATA_ALL_BY_WPGUID, + WORLD_SEL_WAYPOINT_DATA_MAX_POINT, + WORLD_SEL_WAYPOINT_DATA_BY_POS, + WORLD_SEL_WAYPOINT_DATA_WPGUID_BY_ID, + WOLRD_SEL_WAYPOINT_DATA_ACTION, + WORLD_SEL_WAYPOINT_SCRIPTS_MAX_ID, WORLD_UPD_CREATURE_ADDON_PATH, WORLD_INS_CREATURE_ADDON, WORLD_DEL_CREATURE_ADDON, + WORLD_SEL_CREATURE_ADDON_BY_GUID, WORLD_INS_WAYPOINT_SCRIPT, WORLD_DEL_WAYPOINT_SCRIPT, WORLD_UPD_WAYPOINT_SCRIPT_ID, @@ -79,9 +93,18 @@ enum WorldDatabaseStatements WORLD_UPD_WAYPOINT_SCRIPT_Y, WORLD_UPD_WAYPOINT_SCRIPT_Z, WORLD_UPD_WAYPOINT_SCRIPT_O, + WORLD_SEL_WAYPOINT_SCRIPT_ID_BY_GUID, WORLD_DEL_CREATURE, WORLD_INS_CREATURE_TRANSPORT, WORLD_UPD_CREATURE_TRANSPORT_EMOTE, + WORLD_SEL_COMMANDS, + WORLD_SEL_CREATURE_TEMPLATE, + WORLD_SEL_WAYPOINT_SCRIPT_BY_ID, + WORLD_SEL_IP2NATION_COUNTRY, + WORLD_SEL_ITEM_TEMPLATE_BY_NAME, + WORLD_SEL_CREATURE_BY_ID, + WORLD_SEL_GAMEOBJECT_NEAREST, + WORLD_SEL_GAMEOBJECT_TARGET, MAX_WORLDDATABASE_STATEMENTS, }; diff --git a/src/server/worldserver/CommandLine/CliRunnable.cpp b/src/server/worldserver/CommandLine/CliRunnable.cpp index 8e04a9c2f34..0721515ea73 100755 --- a/src/server/worldserver/CommandLine/CliRunnable.cpp +++ b/src/server/worldserver/CommandLine/CliRunnable.cpp @@ -125,29 +125,44 @@ void commandFinished(void*, bool /*success*/) */ bool ChatHandler::GetDeletedCharacterInfoList(DeletedInfoList& foundList, std::string searchString) { - QueryResult resultChar; + PreparedQueryResult result; + PreparedStatement* stmt; if (!searchString.empty()) { // search by GUID if (isNumeric(searchString.c_str())) - resultChar = CharacterDatabase.PQuery("SELECT guid, deleteInfos_Name, deleteInfos_Account, deleteDate FROM characters WHERE deleteDate IS NOT NULL AND guid = %u", uint64(atoi(searchString.c_str()))); + { + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_DEL_INFO_BY_GUID); + + stmt->setUInt32(0, uint32(atoi(searchString.c_str()))); + + result = CharacterDatabase.Query(stmt); + } // search by name else { if (!normalizePlayerName(searchString)) return false; - resultChar = CharacterDatabase.PQuery("SELECT guid, deleteInfos_Name, deleteInfos_Account, deleteDate FROM characters WHERE deleteDate IS NOT NULL AND deleteInfos_Name " _LIKE_ " " _CONCAT3_("'%%'", "'%s'", "'%%'"), searchString.c_str()); + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_DEL_INFO_BY_NAME); + + stmt->setString(0, searchString); + + result = CharacterDatabase.Query(stmt); } } else - resultChar = CharacterDatabase.Query("SELECT guid, deleteInfos_Name, deleteInfos_Account, deleteDate FROM characters WHERE deleteDate IS NOT NULL"); + { + stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHAR_DEL_INFO); + + result = CharacterDatabase.Query(stmt); + } - if (resultChar) + if (result) { do { - Field* fields = resultChar->Fetch(); + Field* fields = result->Fetch(); DeletedInfo info; @@ -161,7 +176,7 @@ bool ChatHandler::GetDeletedCharacterInfoList(DeletedInfoList& foundList, std::s info.deleteDate = time_t(fields[3].GetUInt32()); foundList.push_back(info); - } while (resultChar->NextRow()); + } while (result->NextRow()); } return true; diff --git a/src/server/worldserver/RemoteAccess/RASocket.cpp b/src/server/worldserver/RemoteAccess/RASocket.cpp index e5637d282c6..d7b366a2e2a 100755 --- a/src/server/worldserver/RemoteAccess/RASocket.cpp +++ b/src/server/worldserver/RemoteAccess/RASocket.cpp @@ -174,12 +174,15 @@ int RASocket::process_command(const std::string& command) int RASocket::check_access_level(const std::string& user) { - std::string safe_user = user; + std::string safeUser = user; + + AccountMgr::normalizeString(safeUser); + - AccountMgr::normalizeString(safe_user); - LoginDatabase.EscapeString(safe_user); - QueryResult result = LoginDatabase.PQuery("SELECT a.id, aa.gmlevel, aa.RealmID FROM account a LEFT JOIN account_access aa ON (a.id = aa.id) WHERE a.username = '%s'", safe_user.c_str()); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_ACCESS); + stmt->setString(0, safeUser); + PreparedQueryResult result = LoginDatabase.Query(stmt); if (!result) { @@ -207,19 +210,20 @@ int RASocket::check_password(const std::string& user, const std::string& pass) { std::string safe_user = user; AccountMgr::normalizeString(safe_user); - LoginDatabase.EscapeString(safe_user); std::string safe_pass = pass; AccountMgr::normalizeString(safe_pass); - LoginDatabase.EscapeString(safe_pass); std::string hash = AccountMgr::CalculateShaPassHash(safe_user, safe_pass); - QueryResult check = LoginDatabase.PQuery( - "SELECT 1 FROM account WHERE username = '%s' AND sha_pass_hash = '%s'", - safe_user.c_str(), hash.c_str()); + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_CHECK_PASSWORD_BY_NAME); - if (!check) + stmt->setString(0, safe_user); + stmt->setString(1, hash); + + PreparedQueryResult result = LoginDatabase.Query(stmt); + + if (!result) { sLog->outRemote("Wrong password for user: %s", user.c_str()); return -1; |