From feed584a4173ad977f07f3dc0433183418ec5a9e Mon Sep 17 00:00:00 2001 From: mmcgarvey Date: Tue, 14 Dec 2021 13:57:35 -0500 Subject: [PATCH] [Database] Escape reserved mysql keyword rank w/ backticks (#1862) Fixes #1567 --- common/database.cpp | 2 +- common/database_conversions.cpp | 2 +- common/guild_base.cpp | 10 +++++----- zone/zonedb.cpp | 4 ++-- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/common/database.cpp b/common/database.cpp index 9a0ea375d..76673a31b 100644 --- a/common/database.cpp +++ b/common/database.cpp @@ -716,7 +716,7 @@ bool Database::SaveCharacterCreate(uint32 character_id, uint32 account_id, Playe /* HoTT Ability */ if(RuleB(Character, GrantHoTTOnCreate)) { - query = StringFormat("INSERT INTO `character_leadership_abilities` (id, slot, rank) VALUES (%u, %i, %i)", character_id, 14, 1); + query = StringFormat("INSERT INTO `character_leadership_abilities` (id, slot, `rank`) VALUES (%u, %i, %i)", character_id, 14, 1); results = QueryDatabase(query); } diff --git a/common/database_conversions.cpp b/common/database_conversions.cpp index 561e1679b..4ffe058e8 100644 --- a/common/database_conversions.cpp +++ b/common/database_conversions.cpp @@ -1452,7 +1452,7 @@ bool Database::CheckDatabaseConvertPPDeblob(){ for (i = 0; i < MAX_LEADERSHIP_AA_ARRAY; i++){ if (pp->leader_abilities.ranks[i] > 0 && pp->leader_abilities.ranks[i] < 6){ if (first_entry != 1){ - rquery = StringFormat("REPLACE INTO `character_leadership_abilities` (id, slot, rank) VALUES (%i, %u, %u)", character_id, i, pp->leader_abilities.ranks[i]); + rquery = StringFormat("REPLACE INTO `character_leadership_abilities` (id, slot, `rank`) VALUES (%i, %u, %u)", character_id, i, pp->leader_abilities.ranks[i]); first_entry = 1; } rquery = rquery + StringFormat(", (%i, %u, %u)", character_id, i, pp->leader_abilities.ranks[i]); diff --git a/common/guild_base.cpp b/common/guild_base.cpp index 198dd1c5a..f56cd3deb 100644 --- a/common/guild_base.cpp +++ b/common/guild_base.cpp @@ -63,7 +63,7 @@ bool BaseGuildManager::LoadGuilds() { for (auto row=results.begin();row!=results.end();++row) _CreateGuild(atoi(row[0]), row[1], atoi(row[2]), atoi(row[3]), row[4], row[5], row[6], row[7]); - query = "SELECT guild_id,rank,title,can_hear,can_speak,can_invite,can_remove,can_promote,can_demote,can_motd,can_warpeace FROM guild_ranks"; + query = "SELECT guild_id,`rank`,title,can_hear,can_speak,can_invite,can_remove,can_promote,can_demote,can_motd,can_warpeace FROM guild_ranks"; results = m_db->QueryDatabase(query); if (!results.Success()) @@ -131,7 +131,7 @@ bool BaseGuildManager::RefreshGuild(uint32 guild_id) { info = _CreateGuild(guild_id, row[0], atoi(row[1]), atoi(row[2]), row[3], row[4], row[5], row[6]); - query = StringFormat("SELECT guild_id, rank, title, can_hear, can_speak, can_invite, can_remove, can_promote, can_demote, can_motd, can_warpeace " + query = StringFormat("SELECT guild_id, `rank`, title, can_hear, can_speak, can_invite, can_remove, can_promote, can_demote, can_motd, can_warpeace " "FROM guild_ranks WHERE guild_id=%lu", (unsigned long)guild_id); results = m_db->QueryDatabase(query); @@ -268,7 +268,7 @@ bool BaseGuildManager::_StoreGuildDB(uint32 guild_id) { m_db->DoEscapeString(title_esc, rankInfo.name.c_str(), rankInfo.name.length()); query = StringFormat("INSERT INTO guild_ranks " - "(guild_id,rank,title,can_hear,can_speak,can_invite,can_remove,can_promote,can_demote,can_motd,can_warpeace)" + "(guild_id,`rank`,title,can_hear,can_speak,can_invite,can_remove,can_promote,can_demote,can_motd,can_warpeace)" " VALUES(%d,%d,'%s',%d,%d,%d,%d,%d,%d,%d,%d)", guild_id, rank, title_esc, rankInfo.permissions[GUILD_HEAR], @@ -738,7 +738,7 @@ bool BaseGuildManager::DBSetGuild(uint32 charid, uint32 guild_id, uint8 rank) { std::string query; if(guild_id != GUILD_NONE) { - query = StringFormat("REPLACE INTO guild_members (char_id,guild_id,rank,public_note) VALUES(%d,%d,%d,'')", charid, guild_id, rank); + query = StringFormat("REPLACE INTO guild_members (char_id,guild_id,`rank`,public_note) VALUES(%d,%d,%d,'')", charid, guild_id, rank); auto results = m_db->QueryDatabase(query); if (!results.Success()) { @@ -758,7 +758,7 @@ bool BaseGuildManager::DBSetGuild(uint32 charid, uint32 guild_id, uint8 rank) { } bool BaseGuildManager::DBSetGuildRank(uint32 charid, uint8 rank) { - std::string query = StringFormat("UPDATE guild_members SET rank=%d WHERE char_id=%d", rank, charid); + std::string query = StringFormat("UPDATE guild_members SET `rank`=%d WHERE char_id=%d", rank, charid); return(QueryWithLogging(query, "setting a guild member's rank")); } diff --git a/zone/zonedb.cpp b/zone/zonedb.cpp index df0cfb98d..12bcb378d 100755 --- a/zone/zonedb.cpp +++ b/zone/zonedb.cpp @@ -1260,7 +1260,7 @@ bool ZoneDatabase::LoadCharacterLanguages(uint32 character_id, PlayerProfile_Str } bool ZoneDatabase::LoadCharacterLeadershipAA(uint32 character_id, PlayerProfile_Struct* pp){ - std::string query = StringFormat("SELECT slot, rank FROM character_leadership_abilities WHERE `id` = %u", character_id); + std::string query = StringFormat("SELECT slot, `rank` FROM character_leadership_abilities WHERE `id` = %u", character_id); auto results = database.QueryDatabase(query); uint32 slot = 0; for (auto row = results.begin(); row != results.end(); ++row) { slot = atoi(row[0]); @@ -1562,7 +1562,7 @@ bool ZoneDatabase::SaveCharacterLeadershipAA(uint32 character_id, PlayerProfile_ for (int i = 0; i < MAX_LEADERSHIP_AA_ARRAY; i++){ if (pp->leader_abilities.ranks[i] > 0){ if (first_entry != 1){ - query = StringFormat("REPLACE INTO `character_leadership_abilities` (id, slot, rank) VALUES (%i, %u, %u)", character_id, i, pp->leader_abilities.ranks[i]); + query = StringFormat("REPLACE INTO `character_leadership_abilities` (id, slot, `rank`) VALUES (%i, %u, %u)", character_id, i, pp->leader_abilities.ranks[i]); first_entry = 1; } query = query + StringFormat(", (%i, %u, %u)", character_id, i, pp->leader_abilities.ranks[i]);