mangos-mirror/server
0
0
Fork 0
mirror of https://github.com/mangosfour/server.git synced 2025-12-15 19:37:02 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[11317] More SQL requests to use prepared statements.

Browse source 
Signed-off-by: Ambal <pogrebniak@gala.net>
This commit is contained in:
Ambal 2011-04-06 00:11:28 +03:00
parent 889ce13264
commit 8fd323a09a
7 changed files with 63 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

11
src/game/CharacterHandler.cpp
View file

@ -715,8 +715,15 @@ void WorldSession::HandlePlayerLogin(LoginQueryHolder *holder)
pCurrChar->SendInitialPacketsAfterAddToMap();
CharacterDatabase.PExecute("UPDATE characters SET online = 1 WHERE guid = '%u'", pCurrChar->GetGUIDLow());
LoginDatabase.PExecute("UPDATE account SET active_realm_id = %u WHERE id = '%u'", realmID, GetAccountId());
static SqlStatementID updChars;
static SqlStatementID updAccount;
SqlStatement stmt = CharacterDatabase.CreateStatement(updChars, "UPDATE characters SET online = 1 WHERE guid = ?");
stmt.PExecute(pCurrChar->GetGUIDLow());
stmt = LoginDatabase.CreateStatement(updAccount, "UPDATE account SET active_realm_id = ? WHERE id = ?");
stmt.PExecute(realmID, GetAccountId());
pCurrChar->SetInGameTime( WorldTimer::getMSTime() );
// announce group about member online (must be after add to player list to receive announce to self)

5
src/game/Corpse.cpp
View file

@ -143,7 +143,10 @@ void Corpse::DeleteFromDB()
MANGOS_ASSERT(GetType() != CORPSE_BONES);
// all corpses (not bones)
CharacterDatabase.PExecute("DELETE FROM corpse WHERE player = '%u' AND corpse_type <> '0'", GetOwnerGuid().GetCounter());
static SqlStatementID id;
SqlStatement stmt = CharacterDatabase.CreateStatement(id, "DELETE FROM corpse WHERE player = ? AND corpse_type <> '0'");
stmt.PExecute(GetOwnerGuid().GetCounter());
}
bool Corpse::LoadFromDB(uint32 lowguid, Field *fields)

14
src/game/Pet.cpp
View file

@ -234,10 +234,16 @@ bool Pet::LoadPetFromDB( Player* owner, uint32 petentry, uint32 petnumber, bool
if (fields[7].GetUInt32() != 0)
{
CharacterDatabase.BeginTransaction();
CharacterDatabase.PExecute("UPDATE character_pet SET slot = '%u' WHERE owner = '%u' AND slot = '%u' AND id <> '%u'",
PET_SAVE_NOT_IN_SLOT, ownerid, PET_SAVE_AS_CURRENT, m_charmInfo->GetPetNumber());
CharacterDatabase.PExecute("UPDATE character_pet SET slot = '%u' WHERE owner = '%u' AND id = '%u'",
PET_SAVE_AS_CURRENT, ownerid, m_charmInfo->GetPetNumber());
static SqlStatementID id_1;
static SqlStatementID id_2;
SqlStatement stmt = CharacterDatabase.CreateStatement(id_1, "UPDATE character_pet SET slot = ? WHERE owner = ? AND slot = ? AND id <> ?");
stmt.PExecute(uint32(PET_SAVE_NOT_IN_SLOT), ownerid, uint32(PET_SAVE_AS_CURRENT), m_charmInfo->GetPetNumber());
stmt = CharacterDatabase.CreateStatement(id_2, "UPDATE character_pet SET slot = ? WHERE owner = ? AND id = ?");
stmt.PExecute(uint32(PET_SAVE_AS_CURRENT), ownerid, m_charmInfo->GetPetNumber());
CharacterDatabase.CommitTransaction();
}

7
src/game/World.cpp
View file

@ -266,7 +266,12 @@ World::AddSession_ (WorldSession* s)
float popu = float(GetActiveSessionCount()); // updated number of users on the server
popu /= pLimit;
popu *= 2;
LoginDatabase.PExecute ("UPDATE realmlist SET population = '%f' WHERE id = '%u'", popu, realmID);
static SqlStatementID id;
SqlStatement stmt = LoginDatabase.CreateStatement(id, "UPDATE realmlist SET population = ? WHERE id = ?");
stmt.PExecute(popu, realmID);
DETAIL_LOG("Server Population (%f).", popu);
}
}

41
src/game/WorldSession.cpp
View file

@ -421,7 +421,10 @@ void WorldSession::LogoutPlayer(bool Save)
///- Reset the online field in the account table
// no point resetting online in character table here as Player::SaveToDB() will set it to 1 since player has not been removed from world at this stage
// No SQL injection as AccountID is uint32
LoginDatabase.PExecute("UPDATE account SET active_realm_id = 0 WHERE id = '%u'", GetAccountId());
static SqlStatementID id;
SqlStatement stmt = LoginDatabase.CreateStatement(id, "UPDATE account SET active_realm_id = ? WHERE id = ?");
stmt.PExecute(uint32(0), GetAccountId());
///- If the player is in a guild, update the guild roster and broadcast a logout message to other guild members
if (Guild *guild = sObjectMgr.GetGuildById(_player->GetGuildId()))
@ -495,8 +498,12 @@ void WorldSession::LogoutPlayer(bool Save)
///- Since each account can only have one online character at any given time, ensure all characters for active account are marked as offline
//No SQL injection as AccountId is uint32
CharacterDatabase.PExecute("UPDATE characters SET online = 0 WHERE account = '%u'",
GetAccountId());
static SqlStatementID updChars;
stmt = CharacterDatabase.CreateStatement(updChars, "UPDATE characters SET online = 0 WHERE account = ?");
stmt.PExecute(GetAccountId());
DEBUG_LOG( "SESSION: Sent SMSG_LOGOUT_COMPLETE Message" );
}
@ -675,11 +682,17 @@ void WorldSession::SetAccountData(AccountDataType type, time_t time_, std::strin
{
uint32 acc = GetAccountId();
static SqlStatementID delId;
static SqlStatementID insId;
CharacterDatabase.BeginTransaction ();
CharacterDatabase.PExecute("DELETE FROM account_data WHERE account='%u' AND type='%u'", acc, type);
std::string safe_data = data;
CharacterDatabase.escape_string(safe_data);
CharacterDatabase.PExecute("INSERT INTO account_data VALUES ('%u','%u','" UI64FMTD "','%s')", acc, type, uint64(time_), safe_data.c_str());
SqlStatement stmt = CharacterDatabase.CreateStatement(delId, "DELETE FROM account_data WHERE account=? AND type=?");
stmt.PExecute(acc, uint32(type));
stmt = CharacterDatabase.CreateStatement(insId, "INSERT INTO account_data VALUES (?,?,?,?)");
stmt.PExecute(acc, uint32(type), uint64(time_), data.c_str());
CharacterDatabase.CommitTransaction ();
}
else
@ -688,11 +701,17 @@ void WorldSession::SetAccountData(AccountDataType type, time_t time_, std::strin
if(!m_GUIDLow)
return;
static SqlStatementID delId;
static SqlStatementID insId;
CharacterDatabase.BeginTransaction ();
CharacterDatabase.PExecute("DELETE FROM character_account_data WHERE guid='%u' AND type='%u'", m_GUIDLow, type);
std::string safe_data = data;
CharacterDatabase.escape_string(safe_data);
CharacterDatabase.PExecute("INSERT INTO character_account_data VALUES ('%u','%u','" UI64FMTD "','%s')", m_GUIDLow, type, uint64(time_), safe_data.c_str());
SqlStatement stmt = CharacterDatabase.CreateStatement(delId, "DELETE FROM character_account_data WHERE guid=? AND type=?");
stmt.PExecute(m_GUIDLow, uint32(type));
stmt = CharacterDatabase.CreateStatement(insId, "INSERT INTO character_account_data VALUES (?,?,?,?)");
stmt.PExecute(m_GUIDLow, uint32(type), uint64(time_), data.c_str());
CharacterDatabase.CommitTransaction ();
}

9
src/game/WorldSocket.cpp
View file

@ -930,13 +930,10 @@ int WorldSocket::HandleAuthSession (WorldPacket& recvPacket)
// Update the last_ip in the database
// No SQL injection, username escaped.
LoginDatabase.escape_string (address);
static SqlStatementID updAccount;
LoginDatabase.PExecute ("UPDATE account "
"SET last_ip = '%s' "
"WHERE username = '%s'",
address.c_str (),
safe_account.c_str ());
SqlStatement stmt = LoginDatabase.CreateStatement(updAccount, "UPDATE account SET last_ip = ? WHERE username = ?");
stmt.PExecute(address.c_str(), account.c_str());
// NOTE ATM the socket is single-threaded, have this in mind ...
ACE_NEW_RETURN (m_Session, WorldSession (id, this, AccountTypes(security), expansion, mutetime, locale), -1);

2
src/shared/revision_nr.h
View file

@ -1,4 +1,4 @@
#ifndef __REVISION_NR_H__
#define __REVISION_NR_H__
#define REVISION_NR "11316"
#define REVISION_NR "11317"
#endif // __REVISION_NR_H__