From e646dbb3cdae041ae1ead8e5bdd456ce600ee9a5 Mon Sep 17 00:00:00 2001
From: leak <leakzx@googlemail.com>
Date: Tue, 27 Dec 2011 00:29:17 +0100
Subject: Core/DBLayer: Convert PExecute() queries to prepared statements No. 2

---
 src/server/game/Addons/AddonMgr.cpp | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'src/server/game/Addons/AddonMgr.cpp')

diff --git a/src/server/game/Addons/AddonMgr.cpp b/src/server/game/Addons/AddonMgr.cpp
index 9d5bdd159f7..ff6d16bef4d 100755
--- a/src/server/game/Addons/AddonMgr.cpp
+++ b/src/server/game/Addons/AddonMgr.cpp
@@ -70,8 +70,13 @@ void LoadFromDB()
 void SaveAddon(AddonInfo const& addon)
 {
     std::string name = addon.Name;
-    CharacterDatabase.EscapeString(name);
-    CharacterDatabase.PExecute("INSERT INTO addons (name, crc) VALUES ('%s', %u)", name.c_str(), addon.CRC);
+
+    PreparedStatement* stmt = CharacterDatabase.GetPreparedStatement(CHAR_ADD_ADDON);
+
+    stmt->setString(0, name);
+    stmt->setUInt32(1, addon.CRC);
+
+    CharacterDatabase.Execute(stmt);
 
     m_knownAddons.push_back(SavedAddon(addon.Name, addon.CRC));
 }
-- 
cgit v1.2.3