[11317] More SQL requests to use prepared statements.

Signed-off-by: Ambal <pogrebniak@gala.net>
Ambal 2011-04-06 00:11:28 +03:00
parent 889ce13264
commit 8fd323a09a
7 changed files with 63 additions and 26 deletions


@ -715,8 +715,15 @@ void WorldSession::HandlePlayerLogin(LoginQueryHolder *holder)
pCurrChar->SendInitialPacketsAfterAddToMap(); pCurrChar->SendInitialPacketsAfterAddToMap();
CharacterDatabase.PExecute("UPDATE characters SET online = 1 WHERE guid = '%u'", pCurrChar->GetGUIDLow()); static SqlStatementID updChars;
LoginDatabase.PExecute("UPDATE account SET active_realm_id = %u WHERE id = '%u'", realmID, GetAccountId()); static SqlStatementID updAccount;
SqlStatement stmt = CharacterDatabase.CreateStatement(updChars, "UPDATE characters SET online = 1 WHERE guid = ?");
stmt.PExecute(pCurrChar->GetGUIDLow());
stmt = LoginDatabase.CreateStatement(updAccount, "UPDATE account SET active_realm_id = ? WHERE id = ?");
stmt.PExecute(realmID, GetAccountId());
pCurrChar->SetInGameTime( WorldTimer::getMSTime() ); pCurrChar->SetInGameTime( WorldTimer::getMSTime() );
// announce group about member online (must be after add to player list to receive announce to self) // announce group about member online (must be after add to player list to receive announce to self)


@ -143,7 +143,10 @@ void Corpse::DeleteFromDB()
MANGOS_ASSERT(GetType() != CORPSE_BONES); MANGOS_ASSERT(GetType() != CORPSE_BONES);
// all corpses (not bones) // all corpses (not bones)
CharacterDatabase.PExecute("DELETE FROM corpse WHERE player = '%u' AND corpse_type <> '0'", GetOwnerGuid().GetCounter()); static SqlStatementID id;
SqlStatement stmt = CharacterDatabase.CreateStatement(id, "DELETE FROM corpse WHERE player = ? AND corpse_type <> '0'");
stmt.PExecute(GetOwnerGuid().GetCounter());
} }
bool Corpse::LoadFromDB(uint32 lowguid, Field *fields) bool Corpse::LoadFromDB(uint32 lowguid, Field *fields)


@ -234,10 +234,16 @@ bool Pet::LoadPetFromDB( Player* owner, uint32 petentry, uint32 petnumber, bool
if (fields[7].GetUInt32() != 0) if (fields[7].GetUInt32() != 0)
{ {
CharacterDatabase.BeginTransaction(); CharacterDatabase.BeginTransaction();
CharacterDatabase.PExecute("UPDATE character_pet SET slot = '%u' WHERE owner = '%u' AND slot = '%u' AND id <> '%u'",
PET_SAVE_NOT_IN_SLOT, ownerid, PET_SAVE_AS_CURRENT, m_charmInfo->GetPetNumber()); static SqlStatementID id_1;
CharacterDatabase.PExecute("UPDATE character_pet SET slot = '%u' WHERE owner = '%u' AND id = '%u'", static SqlStatementID id_2;
PET_SAVE_AS_CURRENT, ownerid, m_charmInfo->GetPetNumber());
SqlStatement stmt = CharacterDatabase.CreateStatement(id_1, "UPDATE character_pet SET slot = ? WHERE owner = ? AND slot = ? AND id <> ?");
stmt.PExecute(uint32(PET_SAVE_NOT_IN_SLOT), ownerid, uint32(PET_SAVE_AS_CURRENT), m_charmInfo->GetPetNumber());
stmt = CharacterDatabase.CreateStatement(id_2, "UPDATE character_pet SET slot = ? WHERE owner = ? AND id = ?");
stmt.PExecute(uint32(PET_SAVE_AS_CURRENT), ownerid, m_charmInfo->GetPetNumber());
CharacterDatabase.CommitTransaction(); CharacterDatabase.CommitTransaction();
} }


@ -266,7 +266,12 @@ World::AddSession_ (WorldSession* s)
float popu = float(GetActiveSessionCount()); // updated number of users on the server float popu = float(GetActiveSessionCount()); // updated number of users on the server
popu /= pLimit; popu /= pLimit;
popu *= 2; popu *= 2;
LoginDatabase.PExecute ("UPDATE realmlist SET population = '%f' WHERE id = '%u'", popu, realmID);
static SqlStatementID id;
SqlStatement stmt = LoginDatabase.CreateStatement(id, "UPDATE realmlist SET population = ? WHERE id = ?");
stmt.PExecute(popu, realmID);
DETAIL_LOG("Server Population (%f).", popu); DETAIL_LOG("Server Population (%f).", popu);
} }
} }


@ -421,7 +421,10 @@ void WorldSession::LogoutPlayer(bool Save)
///- Reset the online field in the account table ///- Reset the online field in the account table
// no point resetting online in character table here as Player::SaveToDB() will set it to 1 since player has not been removed from world at this stage // no point resetting online in character table here as Player::SaveToDB() will set it to 1 since player has not been removed from world at this stage
// No SQL injection as AccountID is uint32 // No SQL injection as AccountID is uint32
LoginDatabase.PExecute("UPDATE account SET active_realm_id = 0 WHERE id = '%u'", GetAccountId()); static SqlStatementID id;
SqlStatement stmt = LoginDatabase.CreateStatement(id, "UPDATE account SET active_realm_id = ? WHERE id = ?");
stmt.PExecute(uint32(0), GetAccountId());
///- If the player is in a guild, update the guild roster and broadcast a logout message to other guild members ///- If the player is in a guild, update the guild roster and broadcast a logout message to other guild members
if (Guild *guild = sObjectMgr.GetGuildById(_player->GetGuildId())) if (Guild *guild = sObjectMgr.GetGuildById(_player->GetGuildId()))
@ -495,8 +498,12 @@ void WorldSession::LogoutPlayer(bool Save)
///- Since each account can only have one online character at any given time, ensure all characters for active account are marked as offline ///- Since each account can only have one online character at any given time, ensure all characters for active account are marked as offline
//No SQL injection as AccountId is uint32 //No SQL injection as AccountId is uint32
CharacterDatabase.PExecute("UPDATE characters SET online = 0 WHERE account = '%u'",
GetAccountId()); static SqlStatementID updChars;
stmt = CharacterDatabase.CreateStatement(updChars, "UPDATE characters SET online = 0 WHERE account = ?");
stmt.PExecute(GetAccountId());
DEBUG_LOG( "SESSION: Sent SMSG_LOGOUT_COMPLETE Message" ); DEBUG_LOG( "SESSION: Sent SMSG_LOGOUT_COMPLETE Message" );
} }
@ -675,11 +682,17 @@ void WorldSession::SetAccountData(AccountDataType type, time_t time_, std::strin
{ {
uint32 acc = GetAccountId(); uint32 acc = GetAccountId();
static SqlStatementID delId;
static SqlStatementID insId;
CharacterDatabase.BeginTransaction (); CharacterDatabase.BeginTransaction ();
CharacterDatabase.PExecute("DELETE FROM account_data WHERE account='%u' AND type='%u'", acc, type);
std::string safe_data = data; SqlStatement stmt = CharacterDatabase.CreateStatement(delId, "DELETE FROM account_data WHERE account=? AND type=?");
CharacterDatabase.escape_string(safe_data); stmt.PExecute(acc, uint32(type));
CharacterDatabase.PExecute("INSERT INTO account_data VALUES ('%u','%u','" UI64FMTD "','%s')", acc, type, uint64(time_), safe_data.c_str());
stmt = CharacterDatabase.CreateStatement(insId, "INSERT INTO account_data VALUES (?,?,?,?)");
stmt.PExecute(acc, uint32(type), uint64(time_), data.c_str());
CharacterDatabase.CommitTransaction (); CharacterDatabase.CommitTransaction ();
} }
else else
@ -688,11 +701,17 @@ void WorldSession::SetAccountData(AccountDataType type, time_t time_, std::strin
if(!m_GUIDLow) if(!m_GUIDLow)
return; return;
static SqlStatementID delId;
static SqlStatementID insId;
CharacterDatabase.BeginTransaction (); CharacterDatabase.BeginTransaction ();
CharacterDatabase.PExecute("DELETE FROM character_account_data WHERE guid='%u' AND type='%u'", m_GUIDLow, type);
std::string safe_data = data; SqlStatement stmt = CharacterDatabase.CreateStatement(delId, "DELETE FROM character_account_data WHERE guid=? AND type=?");
CharacterDatabase.escape_string(safe_data); stmt.PExecute(m_GUIDLow, uint32(type));
CharacterDatabase.PExecute("INSERT INTO character_account_data VALUES ('%u','%u','" UI64FMTD "','%s')", m_GUIDLow, type, uint64(time_), safe_data.c_str());
stmt = CharacterDatabase.CreateStatement(insId, "INSERT INTO character_account_data VALUES (?,?,?,?)");
stmt.PExecute(m_GUIDLow, uint32(type), uint64(time_), data.c_str());
CharacterDatabase.CommitTransaction (); CharacterDatabase.CommitTransaction ();
} }
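Review bot: The comments `// No SQL injection as AccountID is uint32` and `//No SQL injection as AccountId is uint32` kept above the two LogoutPlayer statements are now stale — the id is bound through `CreateStatement`/`PExecute`, so the safety argument is the parameter binding, not the integer type; suggest `// No SQL injection: account id is bound as a prepared-statement parameter`. The same reasoning matters in both SetAccountData hunks, where `escape_string(safe_data)` is dropped and `data.c_str()` is bound directly: that is correct only if every SqlStatement path (including any plain-text fallback used when the server does not prepare statements) escapes string parameters itself, and a one-line comment stating that assumption next to the `data.c_str()` binding would help the next reader. Separately, the second LogoutPlayer hunk assigns `stmt = CharacterDatabase.CreateStatement(updChars, ...)` to the `stmt` declared in the first hunk, which only compiles if both sit in the same block scope — the page does not show the lines in between. LogoutPlayer and SetAccountData both start and end outside these hunks.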


@ -930,13 +930,10 @@ int WorldSocket::HandleAuthSession (WorldPacket& recvPacket)
// Update the last_ip in the database // Update the last_ip in the database
// No SQL injection, username escaped. // No SQL injection, username escaped.
LoginDatabase.escape_string (address); static SqlStatementID updAccount;
LoginDatabase.PExecute ("UPDATE account " SqlStatement stmt = LoginDatabase.CreateStatement(updAccount, "UPDATE account SET last_ip = ? WHERE username = ?");
"SET last_ip = '%s' " stmt.PExecute(address.c_str(), account.c_str());
"WHERE username = '%s'",
address.c_str (),
safe_account.c_str ());
// NOTE ATM the socket is single-threaded, have this in mind ... // NOTE ATM the socket is single-threaded, have this in mind ...
ACE_NEW_RETURN (m_Session, WorldSession (id, this, AccountTypes(security), expansion, mutetime, locale), -1); ACE_NEW_RETURN (m_Session, WorldSession (id, this, AccountTypes(security), expansion, mutetime, locale), -1);
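Review bot: The comment `// No SQL injection, username escaped.` directly above the new statement is no longer accurate — `LoginDatabase.escape_string (address)` is removed and the unescaped `account` replaces `safe_account`, so nothing in this block is escaped any more; the protection is the parameter binding. Suggest `// No SQL injection: last_ip and username are bound as prepared-statement parameters.` Binding raw `address` and `account` is sound only if the statement is genuinely prepared, or the plain-statement fallback escapes string parameters itself; since the username is client-supplied, that is worth confirming against SqlStatement before relying on it. HandleAuthSession starts and ends outside the hunk.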


@ -1,4 +1,4 @@
#ifndef __REVISION_NR_H__ #ifndef __REVISION_NR_H__
#define __REVISION_NR_H__ #define __REVISION_NR_H__
#define REVISION_NR "11316" #define REVISION_NR "11317"
#endif // __REVISION_NR_H__ #endif // __REVISION_NR_H__