Core/DBLayer: Convert PQuery() queries to prepared statements

author: leak <leak@bitmx.net> 2012-03-24 01:25:08 +0100
committer: leak <leak@bitmx.net> 2012-03-24 01:25:08 +0100
commit: 12e55a04bb14f4a56576dcc0ead35e996d7dcc7d (patch)
tree: e99f4982d0f249d30ae51479c3f6975f757bb851 /src/server/game/Tools/PlayerDump.cpp
parent: 8e96b86715ac78e18d8fa5e14d9e7b9a3f2dc125 (diff)
1 files changed, 12 insertions, 5 deletions
diff --git a/src/server/game/Tools/PlayerDump.cpp b/src/server/game/Tools/PlayerDump.cpp
index 900fcf7392a..8d5d16d22b9 100644
--- a/src/server/game/Tools/PlayerDump.cpp
+++ b/src/server/game/Tools/PlayerDump.cpp
@@ -406,7 +406,10 @@ DumpReturn PlayerDumpReader::LoadDump(const std::string& file, uint32 account, s
     bool incHighest = true;
     if (guid != 0 && guid < sObjectMgr->_hiCharGuid)
     {
-        result = CharacterDatabase.PQuery("SELECT 1 FROM characters WHERE guid = '%d'", guid);
+        PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHECK_GUID);
+        stmt->setUInt32(0, guid);
+        PreparedQueryResult result = CharacterDatabase.Query(stmt);
+
         if (result)
             guid = sObjectMgr->_hiCharGuid;                     // use first free if exists
         else incHighest = false;
@@ -420,8 +423,10 @@ DumpReturn PlayerDumpReader::LoadDump(const std::string& file, uint32 account, s
 
     if (ObjectMgr::CheckPlayerName(name, true) == CHAR_NAME_SUCCESS)
     {
-        CharacterDatabase.EscapeString(name);              // for safe, we use name only for sql quearies anyway
-        result = CharacterDatabase.PQuery("SELECT 1 FROM characters WHERE name = '%s'", name.c_str());
+        PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHECK_NAME);
+        stmt->setString(0, name);
+        PreparedQueryResult result = CharacterDatabase.Query(stmt);
+
         if (result)
             name = "";                                      // use the one from the dump
     }
@@ -524,9 +529,11 @@ DumpReturn PlayerDumpReader::LoadDump(const std::string& file, uint32 account, s
                 {
                     // check if the original name already exists
                     name = getnth(line, 3);
-                    CharacterDatabase.EscapeString(name);
 
-                    result = CharacterDatabase.PQuery("SELECT 1 FROM characters WHERE name = '%s'", name.c_str());
+                    PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_SEL_CHECK_NAME);
+                    stmt->setString(0, name);
+                    PreparedQueryResult result = CharacterDatabase.Query(stmt);
+
                     if (result)
                         if (!changenth(line, 37, "1"))       // characters.at_login set to "rename on login"
                             ROLLBACK(DUMP_FILE_BROKEN);
author	leak <leak@bitmx.net>	2012-03-24 01:25:08 +0100
committer	leak <leak@bitmx.net>	2012-03-24 01:25:08 +0100
commit	12e55a04bb14f4a56576dcc0ead35e996d7dcc7d (patch)
tree	e99f4982d0f249d30ae51479c3f6975f757bb851 /src/server/game/Tools/PlayerDump.cpp
parent	8e96b86715ac78e18d8fa5e14d9e7b9a3f2dc125 (diff)