mangos-mirror/server
0
0
Fork 0
mirror of https://github.com/mangosfour/server.git synced 2025-12-15 01:37:00 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Use ObjectMgr/AccountMgr functions instead explici DB quaries.

Browse source
This commit is contained in:
VladimirMangos 2008-10-21 18:09:35 +04:00
parent 42b077df0c
commit 911dbe0b29
4 changed files with 34 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

32
src/game/World.cpp
View file

@ -34,6 +34,7 @@
#include "SkillExtraItems.h"
#include "SkillDiscovery.h"
#include "World.h"
#include "AccountMgr.h"
#include "ObjectMgr.h"
#include "SpellMgr.h"
#include "Chat.h"
@ -2276,36 +2277,25 @@ bool World::RemoveBanAccount(std::string type, std::string nameOrIP)
}
else
{
uint32 account=0;
if(type == "account")
uint32 account = 0;
if (type == "account")
{
//NO SQL injection as name is escaped
loginDatabase.escape_string(nameOrIP);
QueryResult *resultAccounts = loginDatabase.PQuery("SELECT id FROM account WHERE username = '%s'",nameOrIP.c_str());
if(!resultAccounts)
if (!AccountMgr::normilizeString (nameOrIP))
return false;
Field* fieldsAccount = resultAccounts->Fetch();
account = fieldsAccount->GetUInt32();
delete resultAccounts;
account = accmgr.GetId (nameOrIP);
}
else if(type == "character")
else if (type == "character")
{
if(!normalizePlayerName(nameOrIP))
if (!normalizePlayerName (nameOrIP))
return false;
//NO SQL injection as name is escaped
loginDatabase.escape_string(nameOrIP);
QueryResult *resultAccounts = CharacterDatabase.PQuery("SELECT account FROM characters WHERE name = '%s'",nameOrIP.c_str());
if(!resultAccounts)
return false;
Field* fieldsAccount = resultAccounts->Fetch();
account = fieldsAccount->GetUInt32();
delete resultAccounts;
account = objmgr.GetPlayerAccountIdByPlayerName (nameOrIP);
}
if(!account)
if (!account)
return false;
//NO SQL injection as account is uint32
loginDatabase.PExecute("UPDATE account_banned SET active = '0' WHERE id = '%u'",account);
}