![(please configure the [header_logo] section in trac.ini)](/TrinityCore/trac.cgi/chrome/site/your_project_logo.png){kind=logo}
Changeset 94 for trunk/src/game/World.cpp
- Timestamp:
- 11/19/08 13:34:57 (17 years ago)
- Files:
-
- 1 modified
-
trunk/src/game/World.cpp (modified) (3 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/game/World.cpp
r88 r94 37 37 #include "SkillDiscovery.h" 38 38 #include "World.h" 39 #include "AccountMgr.h" 39 40 #include "ObjectMgr.h" 40 41 #include "SpellMgr.h" … … 2338 2339 if(type == "account") 2339 2340 { 2340 //NO SQL injection as name is escaped 2341 loginDatabase.escape_string(nameOrIP); 2342 QueryResult *resultAccounts = loginDatabase.PQuery("SELECT id FROM account WHERE username = '%s'",nameOrIP.c_str()); 2343 if(!resultAccounts) 2341 if (!AccountMgr::normilizeString (nameOrIP)) 2344 2342 return false; 2345 Field* fieldsAccount = resultAccounts->Fetch(); 2346 account = fieldsAccount->GetUInt32(); 2347 2348 delete resultAccounts; 2343 2344 account = accmgr.GetId (nameOrIP); 2349 2345 } 2350 2346 else if(type == "character") … … 2353 2349 return false; 2354 2350 2355 //NO SQL injection as name is escaped 2356 loginDatabase.escape_string(nameOrIP); 2357 QueryResult *resultAccounts = CharacterDatabase.PQuery("SELECT account FROM characters WHERE name = '%s'",nameOrIP.c_str()); 2358 if(!resultAccounts) 2359 return false; 2360 Field* fieldsAccount = resultAccounts->Fetch(); 2361 account = fieldsAccount->GetUInt32(); 2362 2363 delete resultAccounts; 2351 account = objmgr.GetPlayerAccountIdByPlayerName (nameOrIP); 2364 2352 } 2365 2353 if(!account) 2366 2354 return false; 2355 2367 2356 //NO SQL injection as account is uint32 2368 2357 loginDatabase.PExecute("UPDATE account_banned SET active = '0' WHERE id = '%u'",account);
