| author | Shauren <shauren.trinity@gmail.com> | 2019-07-27 01:00:37 +0200 |
|---|---|---|
| committer | Giacomo Pozzoni <giacomopoz@gmail.com> | 2020-03-31 13:42:01 +0000 |
| commit | fe1003bdbd88e2bccf2ac91ffd18804a6d9b6fb3 (patch) | |
| tree | 35657c5b61793491be1c52364eb48b1fdb13003c /src/server/game/Accounts | |
| parent | f880132bb952656378172c9b54093473d279f506 (diff) | |
Core/DBLayer: Prevent using prepared statements on wrong database
(cherry picked from commit e8e89f58fb800014f53341f12505f60ee2b5fb6f)
# Conflicts:
# src/server/bnetserver/REST/LoginRESTService.cpp
# src/server/bnetserver/Server/Session.cpp
# src/server/database/Database/DatabaseWorkerPool.cpp
# src/server/database/Database/Implementation/HotfixDatabase.h
# src/server/database/Database/MySQLConnection.cpp
# src/server/database/Database/MySQLConnection.h
# src/server/database/Database/PreparedStatement.cpp
# src/server/database/Database/PreparedStatement.h
# src/server/database/Database/QueryHolder.cpp
# src/server/database/Database/SQLOperation.h
# src/server/database/Database/Transaction.h
# src/server/game/Accounts/BattlenetAccountMgr.cpp
# src/server/game/Achievements/AchievementMgr.cpp
# src/server/game/AuctionHouse/AuctionHouseMgr.cpp
# src/server/game/AuctionHouseBot/AuctionHouseBot.cpp
# src/server/game/AuctionHouseBot/AuctionHouseBotBuyer.cpp
# src/server/game/BattlePets/BattlePetMgr.cpp
# src/server/game/Battlegrounds/ArenaTeam.cpp
# src/server/game/BlackMarket/BlackMarketMgr.cpp
# src/server/game/Chat/Channels/Channel.cpp
# src/server/game/Entities/Corpse/Corpse.cpp
# src/server/game/Entities/Creature/Creature.cpp
# src/server/game/Entities/GameObject/GameObject.cpp
# src/server/game/Entities/Item/Item.cpp
# src/server/game/Entities/Pet/Pet.cpp
# src/server/game/Entities/Player/CollectionMgr.cpp
# src/server/game/Entities/Player/Player.cpp
# src/server/game/Garrison/Garrison.cpp
# src/server/game/Globals/ObjectMgr.cpp
# src/server/game/Groups/Group.cpp
# src/server/game/Guilds/Guild.cpp
# src/server/game/Guilds/GuildFinderMgr.cpp
# src/server/game/Guilds/GuildMgr.cpp
# src/server/game/Handlers/AuctionHouseHandler.cpp
# src/server/game/Handlers/CharacterHandler.cpp
# src/server/game/Handlers/ItemHandler.cpp
# src/server/game/Handlers/MailHandler.cpp
# src/server/game/Handlers/MiscHandler.cpp
# src/server/game/Handlers/PetitionsHandler.cpp
# src/server/game/Handlers/SpellHandler.cpp
# src/server/game/Handlers/TicketHandler.cpp
# src/server/game/Loot/Loot.cpp
# src/server/game/Mails/Mail.cpp
# src/server/game/Maps/Map.cpp
# src/server/game/Movement/Waypoints/WaypointManager.cpp
# src/server/game/OutdoorPvP/OutdoorPvP.cpp
# src/server/game/Pools/PoolMgr.cpp
# src/server/game/Quests/QuestObjectiveCriteriaMgr.cpp
# src/server/game/Reputation/ReputationMgr.cpp
# src/server/game/Scenarios/InstanceScenario.cpp
# src/server/game/Server/WorldSession.cpp
# src/server/game/Server/WorldSocket.cpp
# src/server/game/Spells/SpellHistory.cpp
# src/server/game/Support/SupportMgr.cpp
# src/server/game/Tools/PlayerDump.cpp
# src/server/game/World/World.cpp
# src/server/scripts/Commands/cs_account.cpp
# src/server/scripts/Commands/cs_ban.cpp
# src/server/scripts/Commands/cs_battlenet_account.cpp
# src/server/scripts/Commands/cs_group.cpp
# src/server/scripts/Commands/cs_lfg.cpp
# src/server/scripts/Commands/cs_list.cpp
# src/server/scripts/Commands/cs_message.cpp
# src/server/scripts/Commands/cs_misc.cpp
# src/server/scripts/Commands/cs_npc.cpp
# src/server/scripts/Commands/cs_tele.cpp
# src/server/scripts/Commands/cs_wp.cpp
# src/server/shared/DataStores/DB2DatabaseLoader.cpp
# src/server/shared/Realm/RealmList.cpp
Diffstat (limited to 'src/server/game/Accounts')
| -rw-r--r-- | src/server/game/Accounts/AccountMgr.cpp | 70 | ||||
| -rw-r--r-- | src/server/game/Accounts/RBAC.cpp | 8 |
2 files changed, 39 insertions, 39 deletions
diff --git a/src/server/game/Accounts/AccountMgr.cpp b/src/server/game/Accounts/AccountMgr.cpp index e487b0274ae..6b5af4ab6a9 100644 --- a/src/server/game/Accounts/AccountMgr.cpp +++ b/src/server/game/Accounts/AccountMgr.cpp @@ -56,7 +56,7 @@ AccountOpResult AccountMgr::CreateAccount(std::string username, std::string pass if (GetId(username)) return AccountOpResult::AOR_NAME_ALREADY_EXIST; // username does already exist - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_ACCOUNT); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_ACCOUNT); stmt->setString(0, username); stmt->setString(1, CalculateShaPassHash(username, password)); @@ -74,15 +74,15 @@ AccountOpResult AccountMgr::CreateAccount(std::string username, std::string pass AccountOpResult AccountMgr::DeleteAccount(uint32 accountId) { // Check if accounts exists - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_BY_ID); - stmt->setUInt32(0, accountId); - PreparedQueryResult result = LoginDatabase.Query(stmt); + LoginDatabasePreparedStatement* loginStmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_BY_ID); + loginStmt->setUInt32(0, accountId); + PreparedQueryResult result = LoginDatabase.Query(loginStmt); if (!result) return AccountOpResult::AOR_NAME_NOT_EXIST; // Obtain accounts characters - stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHARS_BY_ACCOUNT_ID); + CharacterDatabasePreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHARS_BY_ACCOUNT_ID); stmt->setUInt32(0, accountId); 
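Review bot: In the `@@ -56` hunk the stored credential is still `CalculateShaPassHash(username, password)`, which by its name is a single SHA-family digest rather than a slow password KDF; the same helper feeds the `LOGIN_UPD_PASSWORD` hunk at `@@ -195` and the `LOGIN_SEL_CHECK_PASSWORD` hunk at `@@ -342`. The helper's body is outside these hunks, so this is inferred from the name only. If the format is dictated by the client login protocol, a comment at the call such as `// digest format is protocol-mandated; not a general-purpose password hash` would stop it being copied elsewhere; otherwise it is worth tracking a migration to a salted, work-factored scheme. CreateAccount starts and ends outside the hunk.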
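Review bot: In the `@@ -74` hunk the login statement is named `loginStmt` while the CharacterDatabase one keeps the bare name `stmt`, so a reader of the rest of DeleteAccount has to remember which database `stmt` now belongs to. Naming it symmetrically, `CharacterDatabasePreparedStatement* charStmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHARS_BY_ACCOUNT_ID);`, makes the pairing with the database visible at every use. The later uses of `stmt` lie between this hunk and `@@ -121`, outside what is shown, and would need the same rename.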
@@ -121,25 +121,25 @@ AccountOpResult AccountMgr::DeleteAccount(uint32 accountId) SQLTransaction trans = LoginDatabase.BeginTransaction(); - stmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_ACCOUNT); - stmt->setUInt32(0, accountId); - trans->Append(stmt); + loginStmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_ACCOUNT); + loginStmt->setUInt32(0, accountId); + trans->Append(loginStmt); - stmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_ACCOUNT_ACCESS); - stmt->setUInt32(0, accountId); - trans->Append(stmt); + loginStmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_ACCOUNT_ACCESS); + loginStmt->setUInt32(0, accountId); + trans->Append(loginStmt); - stmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_REALM_CHARACTERS); - stmt->setUInt32(0, accountId); - trans->Append(stmt); + loginStmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_REALM_CHARACTERS); + loginStmt->setUInt32(0, accountId); + trans->Append(loginStmt); - stmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_ACCOUNT_BANNED); - stmt->setUInt32(0, accountId); - trans->Append(stmt); + loginStmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_ACCOUNT_BANNED); + loginStmt->setUInt32(0, accountId); + trans->Append(loginStmt); - stmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_ACCOUNT_MUTED); - stmt->setUInt32(0, accountId); - trans->Append(stmt); + loginStmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_ACCOUNT_MUTED); + loginStmt->setUInt32(0, accountId); + trans->Append(loginStmt); LoginDatabase.CommitTransaction(trans); 
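Review bot: The statements appended in this hunk are now typed to LoginDatabase, but the object they go into is still the untyped `SQLTransaction trans`, so whether `trans->Append(...)` would reject a CharacterDatabase statement cannot be seen from here. If Append accepts the base statement type, the wrong-database mistake this commit targets is still possible at the transaction level. Confirm that it is covered in the database-layer files of this commit, or add a comment such as `// trans is a LoginDatabase transaction: append login statements only`. DeleteAccount begins before this hunk and the declaration of `loginStmt` is in the `@@ -74` hunk.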
@@ -149,7 +149,7 @@ AccountOpResult AccountMgr::DeleteAccount(uint32 accountId) AccountOpResult AccountMgr::ChangeUsername(uint32 accountId, std::string newUsername, std::string newPassword) { // Check if accounts exists - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_BY_ID); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_BY_ID); stmt->setUInt32(0, accountId); PreparedQueryResult result = LoginDatabase.Query(stmt); @@ -195,7 +195,7 @@ AccountOpResult AccountMgr::ChangePassword(uint32 accountId, std::string newPass Utf8ToUpperOnlyLatin(username); Utf8ToUpperOnlyLatin(newPassword); - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_PASSWORD); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_PASSWORD); stmt->setString(0, CalculateShaPassHash(username, newPassword)); stmt->setUInt32(1, accountId); @@ -233,7 +233,7 @@ AccountOpResult AccountMgr::ChangeEmail(uint32 accountId, std::string newEmail) Utf8ToUpperOnlyLatin(username); Utf8ToUpperOnlyLatin(newEmail); - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_EMAIL); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_EMAIL); stmt->setString(0, newEmail); stmt->setUInt32(1, accountId); @@ -263,7 +263,7 @@ AccountOpResult AccountMgr::ChangeRegEmail(uint32 accountId, std::string newEmai Utf8ToUpperOnlyLatin(username); Utf8ToUpperOnlyLatin(newEmail); - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_REG_EMAIL); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_REG_EMAIL); stmt->setString(0, newEmail); stmt->setUInt32(1, accountId); 
@@ -276,7 +276,7 @@ AccountOpResult AccountMgr::ChangeRegEmail(uint32 accountId, std::string newEmai uint32 AccountMgr::GetId(std::string const& username) { - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_ACCOUNT_ID_BY_USERNAME); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_ACCOUNT_ID_BY_USERNAME); stmt->setString(0, username); PreparedQueryResult result = LoginDatabase.Query(stmt); @@ -285,7 +285,7 @@ uint32 AccountMgr::GetId(std::string const& username) uint32 AccountMgr::GetSecurity(uint32 accountId) { - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_ACCOUNT_ACCESS_GMLEVEL); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_ACCOUNT_ACCESS_GMLEVEL); stmt->setUInt32(0, accountId); PreparedQueryResult result = LoginDatabase.Query(stmt); @@ -294,7 +294,7 @@ uint32 AccountMgr::GetSecurity(uint32 accountId) uint32 AccountMgr::GetSecurity(uint32 accountId, int32 realmId) { - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_GMLEVEL_BY_REALMID); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_GMLEVEL_BY_REALMID); stmt->setUInt32(0, accountId); stmt->setInt32(1, realmId); PreparedQueryResult result = LoginDatabase.Query(stmt); @@ -304,7 +304,7 @@ uint32 AccountMgr::GetSecurity(uint32 accountId, int32 realmId) bool AccountMgr::GetName(uint32 accountId, std::string& name) { - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_USERNAME_BY_ID); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_USERNAME_BY_ID); stmt->setUInt32(0, accountId); PreparedQueryResult result = LoginDatabase.Query(stmt); 
@@ -319,7 +319,7 @@ bool AccountMgr::GetName(uint32 accountId, std::string& name) bool AccountMgr::GetEmail(uint32 accountId, std::string& email) { - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_EMAIL_BY_ID); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_EMAIL_BY_ID); stmt->setUInt32(0, accountId); PreparedQueryResult result = LoginDatabase.Query(stmt); @@ -342,7 +342,7 @@ bool AccountMgr::CheckPassword(uint32 accountId, std::string password) Utf8ToUpperOnlyLatin(username); Utf8ToUpperOnlyLatin(password); - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_CHECK_PASSWORD); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_CHECK_PASSWORD); stmt->setUInt32(0, accountId); stmt->setString(1, CalculateShaPassHash(username, password)); PreparedQueryResult result = LoginDatabase.Query(stmt); @@ -370,7 +370,7 @@ bool AccountMgr::CheckEmail(uint32 accountId, std::string newEmail) uint32 AccountMgr::GetCharactersCount(uint32 accountId) { // check character count - PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_SUM_CHARS); + CharacterDatabasePreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_SUM_CHARS); stmt->setUInt32(0, accountId); PreparedQueryResult result = CharacterDatabase.Query(stmt); @@ -391,7 +391,7 @@ std::string AccountMgr::CalculateShaPassHash(std::string const& name, std::strin bool AccountMgr::IsBannedAccount(std::string const& name) { - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_BANNED_BY_USERNAME); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_BANNED_BY_USERNAME); stmt->setString(0, name); PreparedQueryResult result = LoginDatabase.Query(stmt); 
@@ -512,13 +512,13 @@ void AccountMgr::UpdateAccountAccess(rbac::RBACData* rbac, uint32 accountId, uin // Delete old security level from DB if (realmId == -1) { - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_ACCOUNT_ACCESS); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_ACCOUNT_ACCESS); stmt->setUInt32(0, accountId); trans->Append(stmt); } else { - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_ACCOUNT_ACCESS_BY_REALM); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_ACCOUNT_ACCESS_BY_REALM); stmt->setUInt32(0, accountId); stmt->setUInt32(1, realmId); trans->Append(stmt); @@ -527,7 +527,7 @@ void AccountMgr::UpdateAccountAccess(rbac::RBACData* rbac, uint32 accountId, uin // Add new security level if (securityLevel) { - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_ACCOUNT_ACCESS); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_ACCOUNT_ACCESS); stmt->setUInt32(0, accountId); stmt->setUInt8(1, securityLevel); stmt->setInt32(2, realmId); diff --git a/src/server/game/Accounts/RBAC.cpp b/src/server/game/Accounts/RBAC.cpp index d90cd83614d..2b79a79cdb8 100644 --- a/src/server/game/Accounts/RBAC.cpp +++ b/src/server/game/Accounts/RBAC.cpp @@ -130,7 +130,7 @@ RBACCommandResult RBACData::DenyPermission(uint32 permissionId, int32 realmId /* void RBACData::SavePermission(uint32 permission, bool granted, int32 realmId) { - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_RBAC_ACCOUNT_PERMISSION); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_RBAC_ACCOUNT_PERMISSION); stmt->setUInt32(0, GetId()); stmt->setUInt32(1, permission); stmt->setBool(2, granted); 
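Review bot: In the `else` branch of the `@@ -512` hunk `realmId` is bound with `stmt->setUInt32(1, realmId);`, while the same value is compared with `-1` two lines above and bound with `stmt->setInt32(2, realmId);` in the `@@ -527` hunk. A negative realm id other than -1 would be converted to a large unsigned value before binding, so the delete may not match the rows the insert writes; `stmt->setInt32(1, realmId);` keeps the two statements consistent. The declared type of `realmId` is cut off in the hunk header, so its signedness is inferred from the `-1` comparison and the insert. UpdateAccountAccess starts and ends outside both hunks.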
@@ -156,7 +156,7 @@ RBACCommandResult RBACData::RevokePermission(uint32 permissionId, int32 realmId { TC_LOG_TRACE("rbac", "RBACData::RevokePermission [Id: %u Name: %s] (Permission %u, RealmId %d). Ok and DB updated", GetId(), GetName().c_str(), permissionId, realmId); - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_RBAC_ACCOUNT_PERMISSION); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_RBAC_ACCOUNT_PERMISSION); stmt->setUInt32(0, GetId()); stmt->setUInt32(1, permissionId); stmt->setInt32(2, realmId); @@ -177,7 +177,7 @@ void RBACData::LoadFromDB() TC_LOG_DEBUG("rbac", "RBACData::LoadFromDB [Id: %u Name: %s]: Loading permissions", GetId(), GetName().c_str()); // Load account permissions (granted and denied) that affect current realm - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_RBAC_ACCOUNT_PERMISSIONS); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_RBAC_ACCOUNT_PERMISSIONS); stmt->setUInt32(0, GetId()); stmt->setInt32(1, GetRealmId()); @@ -190,7 +190,7 @@ QueryCallback RBACData::LoadFromDBAsync() TC_LOG_DEBUG("rbac", "RBACData::LoadFromDB [Id: %u Name: %s]: Loading permissions", GetId(), GetName().c_str()); // Load account permissions (granted and denied) that affect current realm - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_RBAC_ACCOUNT_PERMISSIONS); + LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_RBAC_ACCOUNT_PERMISSIONS); stmt->setUInt32(0, GetId()); stmt->setInt32(1, GetRealmId()); |
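Review bot: The debug line at the top of the `@@ -190` hunk, inside LoadFromDBAsync, still prints `RBACData::LoadFromDB`, so a log reader cannot tell the synchronous permission load from the asynchronous one. Change the prefix to `"RBACData::LoadFromDBAsync [Id: %u Name: %s]: Loading permissions"`. Both functions' bodies continue outside their hunks.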
