diff options
Diffstat (limited to 'src')
21 files changed, 43 insertions, 43 deletions
diff --git a/src/server/game/Accounts/AccountMgr.cpp b/src/server/game/Accounts/AccountMgr.cpp index 614400af21f..47320b1b542 100755 --- a/src/server/game/Accounts/AccountMgr.cpp +++ b/src/server/game/Accounts/AccountMgr.cpp @@ -108,7 +108,7 @@ AccountOpResult AccountMgr::ChangeUsername(uint32 accid, std::string new_uname, normalizeString(new_passwd); std::string safe_new_uname = new_uname; - LoginDatabase.escape_string(safe_new_uname); + LoginDatabase.EscapeString(safe_new_uname); LoginDatabase.PExecute("UPDATE account SET v='0', s='0', username='%s', sha_pass_hash='%s' WHERE id='%d'", safe_new_uname.c_str(), CalculateShaPassHash(new_uname, new_passwd).c_str(), accid); @@ -138,7 +138,7 @@ AccountOpResult AccountMgr::ChangePassword(uint32 accid, std::string new_passwd) uint32 AccountMgr::GetId(std::string username) { - LoginDatabase.escape_string(username); + LoginDatabase.EscapeString(username); QueryResult result = LoginDatabase.PQuery("SELECT id FROM account WHERE username = '%s'", username.c_str()); if (!result) return 0; diff --git a/src/server/game/Addons/AddonMgr.cpp b/src/server/game/Addons/AddonMgr.cpp index f2fc4d9d1ad..d892e64b316 100755 --- a/src/server/game/Addons/AddonMgr.cpp +++ b/src/server/game/Addons/AddonMgr.cpp @@ -67,7 +67,7 @@ void AddonMgr::LoadFromDB() void AddonMgr::SaveAddon(AddonInfo const& addon) { std::string name = addon.Name; - CharacterDatabase.escape_string(name); + CharacterDatabase.EscapeString(name); CharacterDatabase.PExecute("INSERT INTO addons (name, crc) VALUES ('%s', %u)", name.c_str(), addon.CRC); SavedAddon newAddon(addon.Name, addon.CRC); diff --git a/src/server/game/Chat/Commands/Level2.cpp b/src/server/game/Chat/Commands/Level2.cpp index e1b9b61e920..587bba4d66f 100755 --- a/src/server/game/Chat/Commands/Level2.cpp +++ b/src/server/game/Chat/Commands/Level2.cpp @@ -611,7 +611,7 @@ bool ChatHandler::HandleLookupPlayerIpCommand(const char* args) char* limit_str = strtok (NULL, " "); int32 limit = limit_str ? atoi (limit_str) : -1; - LoginDatabase.escape_string (ip); + LoginDatabase.EscapeString (ip); QueryResult result = LoginDatabase.PQuery ("SELECT id, username FROM account WHERE last_ip = '%s'", ip.c_str ()); @@ -630,7 +630,7 @@ bool ChatHandler::HandleLookupPlayerAccountCommand(const char* args) if (!AccountMgr::normalizeString (account)) return false; - LoginDatabase.escape_string (account); + LoginDatabase.EscapeString (account); QueryResult result = LoginDatabase.PQuery ("SELECT id, username FROM account WHERE username = '%s'", account.c_str ()); @@ -647,7 +647,7 @@ bool ChatHandler::HandleLookupPlayerEmailCommand(const char* args) char* limit_str = strtok (NULL, " "); int32 limit = limit_str ? atoi (limit_str) : -1; - LoginDatabase.escape_string (email); + LoginDatabase.EscapeString (email); QueryResult result = LoginDatabase.PQuery ("SELECT id, username FROM account WHERE email = '%s'", email.c_str ()); diff --git a/src/server/game/Chat/Commands/Level3.cpp b/src/server/game/Chat/Commands/Level3.cpp index 94a9c592793..83469f17100 100755 --- a/src/server/game/Chat/Commands/Level3.cpp +++ b/src/server/game/Chat/Commands/Level3.cpp @@ -225,7 +225,7 @@ bool ChatHandler::HandleAddItemCommand(const char *args) if (citemName && citemName[0]) { std::string itemName = citemName+1; - WorldDatabase.escape_string(itemName); + WorldDatabase.EscapeString(itemName); QueryResult result = WorldDatabase.PQuery("SELECT entry FROM item_template WHERE name = '%s'", itemName.c_str()); if (!result) { @@ -3184,7 +3184,7 @@ bool ChatHandler::HandleBanInfoIPCommand(const char *args) std::string IP = cIP; - LoginDatabase.escape_string(IP); + LoginDatabase.EscapeString(IP); QueryResult result = LoginDatabase.PQuery("SELECT ip, FROM_UNIXTIME(bandate), FROM_UNIXTIME(unbandate), unbandate-UNIX_TIMESTAMP(), banreason, bannedby, unbandate-bandate FROM ip_banned WHERE ip = '%s'", IP.c_str()); if (!result) { @@ -3293,7 +3293,7 @@ bool ChatHandler::HandleBanListAccountCommand(const char *args) char* cFilter = strtok((char*)args, " "); std::string filter = cFilter ? cFilter : ""; - LoginDatabase.escape_string(filter); + LoginDatabase.EscapeString(filter); QueryResult result; @@ -3398,7 +3398,7 @@ bool ChatHandler::HandleBanListIPCommand(const char *args) char* cFilter = strtok((char*)args, " "); std::string filter = cFilter ? cFilter : ""; - LoginDatabase.escape_string(filter); + LoginDatabase.EscapeString(filter); QueryResult result; diff --git a/src/server/game/Entities/Pet/Pet.cpp b/src/server/game/Entities/Pet/Pet.cpp index 861d8d1e348..baffe4cd0f4 100755 --- a/src/server/game/Entities/Pet/Pet.cpp +++ b/src/server/game/Entities/Pet/Pet.cpp @@ -384,7 +384,7 @@ void Pet::SavePetToDB(PetSaveMode mode) { uint32 owner = GUID_LOPART(GetOwnerGUID()); std::string name = m_name; - CharacterDatabase.escape_string(name); + CharacterDatabase.EscapeString(name); SQLTransaction trans = CharacterDatabase.BeginTransaction(); // remove current data trans->PAppend("DELETE FROM character_pet WHERE owner = '%u' AND id = '%u'", owner, m_charmInfo->GetPetNumber()); diff --git a/src/server/game/Entities/Player/Player.cpp b/src/server/game/Entities/Player/Player.cpp index 1ba7707e30a..7d206bcdbea 100755 --- a/src/server/game/Entities/Player/Player.cpp +++ b/src/server/game/Entities/Player/Player.cpp @@ -18186,7 +18186,7 @@ void Player::SaveToDB() outDebugValues(); std::string sql_name = m_name; - CharacterDatabase.escape_string(sql_name); + CharacterDatabase.EscapeString(sql_name); std::ostringstream ss; ss << "REPLACE INTO characters (guid, account, name, race, class, gender, level, xp, money, playerBytes, playerBytes2, playerFlags, " diff --git a/src/server/game/Entities/Player/SocialMgr.cpp b/src/server/game/Entities/Player/SocialMgr.cpp index 2b44d2a192d..9733d5e80bb 100755 --- a/src/server/game/Entities/Player/SocialMgr.cpp +++ b/src/server/game/Entities/Player/SocialMgr.cpp @@ -108,7 +108,7 @@ void PlayerSocial::SetFriendNote(uint32 friend_guid, std::string note) utf8truncate(note, 48); // DB and client size limitation - CharacterDatabase.escape_string(note); + CharacterDatabase.EscapeString(note); CharacterDatabase.PExecute("UPDATE character_social SET note = '%s' WHERE guid = '%u' AND friend = '%u'", note.c_str(), GetPlayerGUID(), friend_guid); m_playerSocialMap[friend_guid].Note = note; } diff --git a/src/server/game/Globals/ObjectMgr.cpp b/src/server/game/Globals/ObjectMgr.cpp index 2c69d83f311..356f26e880c 100755 --- a/src/server/game/Globals/ObjectMgr.cpp +++ b/src/server/game/Globals/ObjectMgr.cpp @@ -2002,7 +2002,7 @@ uint64 ObjectMgr::GetPlayerGUIDByName(std::string name) const { uint64 guid = 0; - CharacterDatabase.escape_string(name); + CharacterDatabase.EscapeString(name); // Player name safe to sending to DB (checked at login) and this function using QueryResult result = CharacterDatabase.PQuery("SELECT guid FROM characters WHERE name = '%s'", name.c_str()); diff --git a/src/server/game/Server/Protocol/Handlers/CharacterHandler.cpp b/src/server/game/Server/Protocol/Handlers/CharacterHandler.cpp index 0424bb3aab8..97a1ea0551c 100755 --- a/src/server/game/Server/Protocol/Handlers/CharacterHandler.cpp +++ b/src/server/game/Server/Protocol/Handlers/CharacterHandler.cpp @@ -1158,7 +1158,7 @@ void WorldSession::HandleCharRenameOpcode(WorldPacket& recv_data) } std::string escaped_newname = newname; - CharacterDatabase.escape_string(escaped_newname); + CharacterDatabase.EscapeString(escaped_newname); // make sure that the character belongs to the current account, that rename at login is enabled // and that there is no character with the desired new name @@ -1270,7 +1270,7 @@ void WorldSession::HandleSetPlayerDeclinedNames(WorldPacket& recv_data) } for (int i = 0; i < MAX_DECLINED_NAME_CASES; ++i) - CharacterDatabase.escape_string(declinedname.name[i]); + CharacterDatabase.EscapeString(declinedname.name[i]); SQLTransaction trans = CharacterDatabase.BeginTransaction(); trans->PAppend("DELETE FROM character_declinedname WHERE guid = '%u'", GUID_LOPART(guid)); @@ -1431,7 +1431,7 @@ void WorldSession::HandleCharCustomize(WorldPacket& recv_data) } } - CharacterDatabase.escape_string(newname); + CharacterDatabase.EscapeString(newname); if (QueryResult result = CharacterDatabase.PQuery("SELECT name FROM characters WHERE guid ='%u'", GUID_LOPART(guid))) { std::string oldname = result->Fetch()[0].GetString(); @@ -1654,7 +1654,7 @@ void WorldSession::HandleCharFactionOrRaceChange(WorldPacket& recv_data) } } - CharacterDatabase.escape_string(newname); + CharacterDatabase.EscapeString(newname); Player::Customize(guid, gender, skin, face, hairStyle, hairColor, facialHair); SQLTransaction trans = CharacterDatabase.BeginTransaction(); trans->PAppend("UPDATE `characters` SET name='%s', race='%u', at_login=at_login & ~ %u WHERE guid='%u'", newname.c_str(), race, used_loginFlag, lowGuid); diff --git a/src/server/game/Server/Protocol/Handlers/GroupHandler.cpp b/src/server/game/Server/Protocol/Handlers/GroupHandler.cpp index b906aab9218..098bd03f629 100755 --- a/src/server/game/Server/Protocol/Handlers/GroupHandler.cpp +++ b/src/server/game/Server/Protocol/Handlers/GroupHandler.cpp @@ -599,7 +599,7 @@ void WorldSession::HandleGroupChangeSubGroupOpcode(WorldPacket & recv_data) } else { - CharacterDatabase.escape_string(name); + CharacterDatabase.EscapeString(name); guid = sObjectMgr->GetPlayerGUIDByName(name.c_str()); } diff --git a/src/server/game/Server/Protocol/Handlers/MiscHandler.cpp b/src/server/game/Server/Protocol/Handlers/MiscHandler.cpp index 81f771fdada..25b64ce1e7a 100755 --- a/src/server/game/Server/Protocol/Handlers/MiscHandler.cpp +++ b/src/server/game/Server/Protocol/Handlers/MiscHandler.cpp @@ -553,7 +553,7 @@ void WorldSession::HandleAddFriendOpcode(WorldPacket & recv_data) if (!normalizePlayerName(friendName)) return; - CharacterDatabase.escape_string(friendName); // prevent SQL injection - normal name don't must changed by this call + CharacterDatabase.EscapeString(friendName); // prevent SQL injection - normal name don't must changed by this call sLog->outDebug(LOG_FILTER_NETWORKIO, "WORLD: %s asked to add friend : '%s'", GetPlayer()->GetName(), friendName.c_str()); @@ -642,7 +642,7 @@ void WorldSession::HandleAddIgnoreOpcode(WorldPacket & recv_data) if (!normalizePlayerName(IgnoreName)) return; - CharacterDatabase.escape_string(IgnoreName); // prevent SQL injection - normal name don't must changed by this call + CharacterDatabase.EscapeString(IgnoreName); // prevent SQL injection - normal name don't must changed by this call sLog->outDebug(LOG_FILTER_NETWORKIO, "WORLD: %s asked to Ignore: '%s'", GetPlayer()->GetName(), IgnoreName.c_str()); @@ -728,8 +728,8 @@ void WorldSession::HandleBugOpcode(WorldPacket & recv_data) sLog->outDebug(LOG_FILTER_NETWORKIO, "%s", type.c_str()); sLog->outDebug(LOG_FILTER_NETWORKIO, "%s", content.c_str()); - CharacterDatabase.escape_string(type); - CharacterDatabase.escape_string(content); + CharacterDatabase.EscapeString(type); + CharacterDatabase.EscapeString(content); CharacterDatabase.PExecute ("INSERT INTO bugreport (type, content) VALUES('%s', '%s')", type.c_str(), content.c_str()); } diff --git a/src/server/game/Server/Protocol/Handlers/PetHandler.cpp b/src/server/game/Server/Protocol/Handlers/PetHandler.cpp index 625ce518e28..8a40d8345fa 100755 --- a/src/server/game/Server/Protocol/Handlers/PetHandler.cpp +++ b/src/server/game/Server/Protocol/Handlers/PetHandler.cpp @@ -643,13 +643,13 @@ void WorldSession::HandlePetRename(WorldPacket & recv_data) if (isdeclined) { for (uint8 i = 0; i < MAX_DECLINED_NAME_CASES; ++i) - CharacterDatabase.escape_string(declinedname.name[i]); + CharacterDatabase.EscapeString(declinedname.name[i]); trans->PAppend("DELETE FROM character_pet_declinedname WHERE owner = '%u' AND id = '%u'", _player->GetGUIDLow(), pet->GetCharmInfo()->GetPetNumber()); trans->PAppend("INSERT INTO character_pet_declinedname (id, owner, genitive, dative, accusative, instrumental, prepositional) VALUES ('%u', '%u', '%s', '%s', '%s', '%s', '%s')", pet->GetCharmInfo()->GetPetNumber(), _player->GetGUIDLow(), declinedname.name[0].c_str(), declinedname.name[1].c_str(), declinedname.name[2].c_str(), declinedname.name[3].c_str(), declinedname.name[4].c_str()); } - CharacterDatabase.escape_string(name); + CharacterDatabase.EscapeString(name); trans->PAppend("UPDATE character_pet SET name = '%s', renamed = '1' WHERE owner = '%u' AND id = '%u'", name.c_str(), _player->GetGUIDLow(), pet->GetCharmInfo()->GetPetNumber()); CharacterDatabase.CommitTransaction(trans); diff --git a/src/server/game/Server/Protocol/Handlers/PetitionsHandler.cpp b/src/server/game/Server/Protocol/Handlers/PetitionsHandler.cpp index b47ccfaba8d..0b748594ee0 100755 --- a/src/server/game/Server/Protocol/Handlers/PetitionsHandler.cpp +++ b/src/server/game/Server/Protocol/Handlers/PetitionsHandler.cpp @@ -233,7 +233,7 @@ void WorldSession::HandlePetitionBuyOpcode(WorldPacket & recv_data) ssInvalidPetitionGUIDs << "'" << charter->GetGUIDLow() << "'"; sLog->outDebug(LOG_FILTER_NETWORKIO, "Invalid petition GUIDs: %s", ssInvalidPetitionGUIDs.str().c_str()); - CharacterDatabase.escape_string(name); + CharacterDatabase.EscapeString(name); SQLTransaction trans = CharacterDatabase.BeginTransaction(); trans->PAppend("DELETE FROM petition WHERE petitionguid IN (%s)", ssInvalidPetitionGUIDs.str().c_str()); trans->PAppend("DELETE FROM petition_sign WHERE petitionguid IN (%s)", ssInvalidPetitionGUIDs.str().c_str()); @@ -432,7 +432,7 @@ void WorldSession::HandlePetitionRenameOpcode(WorldPacket & recv_data) } std::string db_newname = newname; - CharacterDatabase.escape_string(db_newname); + CharacterDatabase.EscapeString(db_newname); CharacterDatabase.PExecute("UPDATE petition SET name = '%s' WHERE petitionguid = '%u'", db_newname.c_str(), GUID_LOPART(petitionguid)); diff --git a/src/server/game/Server/WorldSocket.cpp b/src/server/game/Server/WorldSocket.cpp index b2c8164d6f5..fb152cfd331 100755 --- a/src/server/game/Server/WorldSocket.cpp +++ b/src/server/game/Server/WorldSocket.cpp @@ -812,7 +812,7 @@ int WorldSocket::HandleAuthSession (WorldPacket& recvPacket) // Get the account information from the realmd database std::string safe_account = account; // Duplicate, else will screw the SHA hash verification below - LoginDatabase.escape_string (safe_account); + LoginDatabase.EscapeString (safe_account); // No SQL injection, username escaped. QueryResult result = @@ -978,7 +978,7 @@ int WorldSocket::HandleAuthSession (WorldPacket& recvPacket) // Update the last_ip in the database // No SQL injection, username escaped. - LoginDatabase.escape_string (address); + LoginDatabase.EscapeString (address); LoginDatabase.PExecute ("UPDATE account " "SET last_ip = '%s' " diff --git a/src/server/game/Tools/PlayerDump.cpp b/src/server/game/Tools/PlayerDump.cpp index 7f4dc15c5c3..4a1c525167b 100755 --- a/src/server/game/Tools/PlayerDump.cpp +++ b/src/server/game/Tools/PlayerDump.cpp @@ -206,7 +206,7 @@ std::string CreateDumpString(char const* tableName, QueryResult result) else ss << ", '"; std::string s = fields[i].GetString(); - CharacterDatabase.escape_string(s); + CharacterDatabase.EscapeString(s); ss << s; ss << "'"; @@ -411,7 +411,7 @@ DumpReturn PlayerDumpReader::LoadDump(const std::string& file, uint32 account, s if (ObjectMgr::CheckPlayerName(name, true) == CHAR_NAME_SUCCESS) { - CharacterDatabase.escape_string(name); // for safe, we use name only for sql quearies anyway + CharacterDatabase.EscapeString(name); // for safe, we use name only for sql quearies anyway result = CharacterDatabase.PQuery("SELECT 1 FROM characters WHERE name = '%s'", name.c_str()); if (result) name = ""; // use the one from the dump @@ -507,7 +507,7 @@ DumpReturn PlayerDumpReader::LoadDump(const std::string& file, uint32 account, s { // check if the original name already exists name = getnth(line, 3); - CharacterDatabase.escape_string(name); + CharacterDatabase.EscapeString(name); result = CharacterDatabase.PQuery("SELECT 1 FROM characters WHERE name = '%s'", name.c_str()); if (result) diff --git a/src/server/scripts/Commands/cs_go.cpp b/src/server/scripts/Commands/cs_go.cpp index 7129aa67c99..8393d338e93 100644 --- a/src/server/scripts/Commands/cs_go.cpp +++ b/src/server/scripts/Commands/cs_go.cpp @@ -113,7 +113,7 @@ public: if (!guid) { std::string name = pParam1; - WorldDatabase.escape_string(name); + WorldDatabase.EscapeString(name); whereClause << ", creature_template WHERE creature.id = creature_template.entry AND creature_template.name "_LIKE_" '" << name << "'"; } else diff --git a/src/server/scripts/Commands/cs_gobject.cpp b/src/server/scripts/Commands/cs_gobject.cpp index 3197595812f..204012224d5 100644 --- a/src/server/scripts/Commands/cs_gobject.cpp +++ b/src/server/scripts/Commands/cs_gobject.cpp @@ -233,7 +233,7 @@ public: else { std::string name = cId; - WorldDatabase.escape_string(name); + WorldDatabase.EscapeString(name); result = WorldDatabase.PQuery( "SELECT guid, id, position_x, position_y, position_z, orientation, map, phaseMask, (POW(position_x - %f, 2) + POW(position_y - %f, 2) + POW(position_z - %f, 2)) AS order_ " "FROM gameobject, gameobject_template WHERE gameobject_template.entry = gameobject.id AND map = %i AND name "_LIKE_" "_CONCAT3_("'%%'", "'%s'", "'%%'")" ORDER BY order_ ASC LIMIT 1", diff --git a/src/server/scripts/Commands/cs_wp.cpp b/src/server/scripts/Commands/cs_wp.cpp index 4addf788183..1da11795742 100644 --- a/src/server/scripts/Commands/cs_wp.cpp +++ b/src/server/scripts/Commands/cs_wp.cpp @@ -434,7 +434,7 @@ public: else { std::string arg_str_3 = arg_3; - WorldDatabase.escape_string(arg_str_3); + WorldDatabase.EscapeString(arg_str_3); WorldDatabase.PExecute("UPDATE waypoint_scripts SET %s='%s' WHERE guid='%u'", arg_2, arg_str_3.c_str(), id); } @@ -619,7 +619,7 @@ public: { // show_str check for present in list of correct values, no sql injection possible std::string text2 = text; - WorldDatabase.escape_string(text2); + WorldDatabase.EscapeString(text2); WorldDatabase.PExecute("UPDATE waypoint_data SET %s='%s' WHERE id='%u' AND point='%u'", show_str, text2.c_str(), pathid, point); } diff --git a/src/server/shared/Database/DatabaseWorkerPool.h b/src/server/shared/Database/DatabaseWorkerPool.h index 2be778a1028..5e24608715a 100755 --- a/src/server/shared/Database/DatabaseWorkerPool.h +++ b/src/server/shared/Database/DatabaseWorkerPool.h @@ -408,13 +408,13 @@ class DatabaseWorkerPool } //! Apply escape string'ing for current collation. (utf8) - void escape_string(std::string& str) + void EscapeString(std::string& str) { if (str.empty()) return; char* buf = new char[str.size()*2+1]; - escape_string(buf, str.c_str(), str.size()); + EscapeString(buf, str.c_str(), str.size()); str = buf; delete[] buf; } @@ -441,7 +441,7 @@ class DatabaseWorkerPool } private: - unsigned long escape_string(char *to, const char *from, unsigned long length) + unsigned long EscapeString(char *to, const char *from, unsigned long length) { if (!to || !from || !length) return 0; diff --git a/src/server/shared/Logging/Log.cpp b/src/server/shared/Logging/Log.cpp index e755e7208c3..ac74f893d58 100755 --- a/src/server/shared/Logging/Log.cpp +++ b/src/server/shared/Logging/Log.cpp @@ -364,7 +364,7 @@ void Log::outDB(LogTypes type, const char * str) std::string new_str(str); if (new_str.empty()) return; - LoginDatabase.escape_string(new_str); + LoginDatabase.EscapeString(new_str); LoginDatabase.PExecute("INSERT INTO logs (time, realm, type, string) " "VALUES (" UI64FMTD ", %u, %u, '%s');", uint64(time(0)), realm, type, new_str.c_str()); diff --git a/src/server/worldserver/RemoteAccess/RASocket.cpp b/src/server/worldserver/RemoteAccess/RASocket.cpp index cfdf7248611..4344bfea048 100755 --- a/src/server/worldserver/RemoteAccess/RASocket.cpp +++ b/src/server/worldserver/RemoteAccess/RASocket.cpp @@ -177,7 +177,7 @@ int RASocket::check_access_level(const std::string& user) std::string safe_user = user; AccountMgr::normalizeString(safe_user); - LoginDatabase.escape_string(safe_user); + LoginDatabase.EscapeString(safe_user); QueryResult result = LoginDatabase.PQuery("SELECT a.id, aa.gmlevel, aa.RealmID FROM account a LEFT JOIN account_access aa ON (a.id = aa.id) WHERE a.username = '%s'", safe_user.c_str()); @@ -207,11 +207,11 @@ int RASocket::check_password(const std::string& user, const std::string& pass) { std::string safe_user = user; AccountMgr::normalizeString(safe_user); - LoginDatabase.escape_string(safe_user); + LoginDatabase.EscapeString(safe_user); std::string safe_pass = pass; AccountMgr::normalizeString(safe_pass); - LoginDatabase.escape_string(safe_pass); + LoginDatabase.EscapeString(safe_pass); std::string hash = sAccountMgr->CalculateShaPassHash(safe_user, safe_pass); |