aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rwxr-xr-xsrc/server/game/Server/Protocol/Handlers/MiscHandler.cpp25
-rwxr-xr-xsrc/server/game/Server/WorldSession.cpp4
-rwxr-xr-xsrc/server/game/Server/WorldSession.h4
-rwxr-xr-xsrc/server/shared/Database/Implementation/CharacterDatabase.cpp1
-rwxr-xr-xsrc/server/shared/Database/Implementation/CharacterDatabase.h1
5 files changed, 19 insertions, 16 deletions
diff --git a/src/server/game/Server/Protocol/Handlers/MiscHandler.cpp b/src/server/game/Server/Protocol/Handlers/MiscHandler.cpp
index 702c3c29982..aef3bf03bd9 100755
--- a/src/server/game/Server/Protocol/Handlers/MiscHandler.cpp
+++ b/src/server/game/Server/Protocol/Handlers/MiscHandler.cpp
@@ -531,24 +531,23 @@ void WorldSession::HandleAddFriendOpcode(WorldPacket & recv_data)
if (!normalizePlayerName(friendName))
return;
- CharacterDatabase.EscapeString(friendName); // prevent SQL injection - normal name must not be changed by this call
+ sLog->outDebug(LOG_FILTER_NETWORKIO, "WORLD: %s asked to add friend : '%s'", GetPlayer()->GetName(), friendName.c_str());
- sLog->outDebug(LOG_FILTER_NETWORKIO, "WORLD: %s asked to add friend : '%s'",
- GetPlayer()->GetName(), friendName.c_str());
+ PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_GET_GUID_RACE_ACC_BY_NAME);
+
+ stmt->setString(0, friendName);
_addFriendCallback.SetParam(friendNote);
- _addFriendCallback.SetFutureResult(
- CharacterDatabase.AsyncPQuery("SELECT guid, race, account FROM characters WHERE name = '%s'", friendName.c_str())
- );
+ _addFriendCallback.SetFutureResult(CharacterDatabase.AsyncQuery(stmt));
}
-void WorldSession::HandleAddFriendOpcodeCallBack(QueryResult result, std::string friendNote)
+void WorldSession::HandleAddFriendOpcodeCallBack(PreparedQueryResult result, std::string friendNote)
{
if (!GetPlayer())
return;
uint64 friendGuid;
- uint32 friendAcctid;
+ uint32 friendAccountId;
uint32 team;
FriendsResult friendResult;
@@ -557,11 +556,13 @@ void WorldSession::HandleAddFriendOpcodeCallBack(QueryResult result, std::string
if (result)
{
- friendGuid = MAKE_NEW_GUID((*result)[0].GetUInt32(), 0, HIGHGUID_PLAYER);
- team = Player::TeamForRace((*result)[1].GetUInt8());
- friendAcctid = (*result)[2].GetUInt32();
+ Field* fields = result->Fetch();
+
+ friendGuid = MAKE_NEW_GUID(fields[0].GetUInt32(), 0, HIGHGUID_PLAYER);
+ team = Player::TeamForRace(fields[1].GetUInt8());
+ friendAccountId = fields[2].GetUInt32();
- if (!AccountMgr::IsPlayerAccount(GetSecurity()) || sWorld->getBoolConfig(CONFIG_ALLOW_GM_FRIEND) || AccountMgr::IsPlayerAccount(AccountMgr::GetSecurity(friendAcctid, realmID)))
+ if (!AccountMgr::IsPlayerAccount(GetSecurity()) || sWorld->getBoolConfig(CONFIG_ALLOW_GM_FRIEND) || AccountMgr::IsPlayerAccount(AccountMgr::GetSecurity(friendAccountId, realmID)))
{
if (friendGuid)
{
diff --git a/src/server/game/Server/WorldSession.cpp b/src/server/game/Server/WorldSession.cpp
index 058ef875b0d..54d477abf69 100755
--- a/src/server/game/Server/WorldSession.cpp
+++ b/src/server/game/Server/WorldSession.cpp
@@ -1040,8 +1040,8 @@ void WorldSession::ProcessQueryCallbacks()
if (_addFriendCallback.IsReady())
{
std::string param = _addFriendCallback.GetParam();
- _addFriendCallback.GetResult(result);
- HandleAddFriendOpcodeCallBack(result, param);
+ _addFriendCallback.GetResult(result2);
+ HandleAddFriendOpcodeCallBack(result2, param);
_addFriendCallback.FreeResult();
}
diff --git a/src/server/game/Server/WorldSession.h b/src/server/game/Server/WorldSession.h
index 0763602e9c1..5f36dbc9547 100755
--- a/src/server/game/Server/WorldSession.h
+++ b/src/server/game/Server/WorldSession.h
@@ -469,7 +469,7 @@ class WorldSession
void HandleEmoteOpcode(WorldPacket& recvPacket);
void HandleContactListOpcode(WorldPacket& recvPacket);
void HandleAddFriendOpcode(WorldPacket& recvPacket);
- void HandleAddFriendOpcodeCallBack(QueryResult result, std::string friendNote);
+ void HandleAddFriendOpcodeCallBack(PreparedQueryResult result, std::string friendNote);
void HandleDelFriendOpcode(WorldPacket& recvPacket);
void HandleAddIgnoreOpcode(WorldPacket& recvPacket);
void HandleAddIgnoreOpcodeCallBack(PreparedQueryResult result);
@@ -900,7 +900,7 @@ class WorldSession
PreparedQueryResultFuture _addIgnoreCallback;
PreparedQueryResultFuture _stablePetCallback;
QueryCallback<PreparedQueryResult, std::string> _charRenameCallback;
- QueryCallback<QueryResult, std::string> _addFriendCallback;
+ QueryCallback<PreparedQueryResult, std::string> _addFriendCallback;
QueryCallback<QueryResult, uint32> _unstablePetCallback;
QueryCallback<QueryResult, uint32> _stableSwapCallback;
QueryCallback<QueryResult, uint64> _sendStabledPetCallback;
diff --git a/src/server/shared/Database/Implementation/CharacterDatabase.cpp b/src/server/shared/Database/Implementation/CharacterDatabase.cpp
index b6af9da6e46..0cbf4f8f4b4 100755
--- a/src/server/shared/Database/Implementation/CharacterDatabase.cpp
+++ b/src/server/shared/Database/Implementation/CharacterDatabase.cpp
@@ -40,6 +40,7 @@ void CharacterDatabaseConnection::DoPrepareStatements()
PREPARE_STATEMENT(CHAR_GET_ENUM_DECLINED_NAME, "SELECT c.guid, c.name, c.race, c.class, c.gender, c.playerBytes, c.playerBytes2, c.level, c.zone, c.map, c.position_x, c.position_y, c.position_z, gm.guildid, c.playerFlags, c.at_login, cp.entry, cp.modelid, cp.level, c.equipmentCache, cb.guid, cd.genitive FROM characters AS c LEFT JOIN character_pet AS cp ON c.guid = cp.owner AND cp.slot = ? LEFT JOIN character_declinedname AS cd ON c.guid = cd.guid LEFT JOIN guild_member AS gm ON c.guid = gm.guid LEFT JOIN character_banned AS cb ON c.guid = cb.guid AND cb.active = 1 WHERE c.account = ? ORDER BY c.guid", CONNECTION_ASYNC);
PREPARE_STATEMENT(CHAR_GET_PET_SLOTS, "SELECT owner, slot FROM character_pet WHERE owner = ? AND slot >= ? AND slot <= ? ORDER BY slot", CONNECTION_ASYNC);
PREPARE_STATEMENT(CHAR_GET_FREE_NAME, "SELECT guid, name FROM characters WHERE guid = ? AND account = ? AND (at_login & ?) = ? AND NOT EXISTS (SELECT NULL FROM characters WHERE name = ?)", CONNECTION_ASYNC);
+ PREPARE_STATEMENT(CHAR_GET_GUID_RACE_ACC_BY_NAME, "SELECT guid, race, account FROM characters WHERE name = ?", CONNECTION_ASYNC);
// Start LoginQueryHolder content
PREPARE_STATEMENT(CHAR_LOAD_PLAYER, "SELECT guid, account, name, race, class, gender, level, xp, money, playerBytes, playerBytes2, playerFlags, "
diff --git a/src/server/shared/Database/Implementation/CharacterDatabase.h b/src/server/shared/Database/Implementation/CharacterDatabase.h
index adaa9d2709c..a9464aed34f 100755
--- a/src/server/shared/Database/Implementation/CharacterDatabase.h
+++ b/src/server/shared/Database/Implementation/CharacterDatabase.h
@@ -60,6 +60,7 @@ enum CharacterDatabaseStatements
CHAR_GET_ENUM_DECLINED_NAME,
CHAR_GET_PET_SLOTS,
CHAR_GET_FREE_NAME,
+ CHAR_GET_GUID_RACE_ACC_BY_NAME,
CHAR_LOAD_PLAYER,
CHAR_LOAD_PLAYER_GROUP,
CHAR_LOAD_PLAYER_BOUNDINSTANCES,