yolinlin/azerothcore-wotlk-pbot
1
0
Fork 0
mirror of https://github.com/mod-playerbots/azerothcore-wotlk.git synced 2025-11-29 17:38:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(Scripts/Commands): Prevent crash if you use doublequotes in go cr… (#20012)

Browse Source 
fix(Scripts/Commands): Prevent crash if you use doublequotes in go creature name

* closes https://github.com/azerothcore/azerothcore-wotlk/issues/20010
This commit is contained in:
Kitzunu
2024-09-21 23:30:58 +02:00
committed by GitHub
parent cfd7bf4162
commit d227ed91c2
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/server/scripts/Commands/cs_go.cpp
View File

@@ -123,7 +123,14 @@ public:
if (!name.data())
return false;
QueryResult result = WorldDatabase.Query("SELECT entry FROM creature_template WHERE name = \"{}\" LIMIT 1" , name.data());
// Make sure we don't pass double quotes into the SQL query. Otherwise it causes a MySQL error
std::string str = name.data(); // Making subtractions to the last character does not with in string_view
if (str.front() == '"')
str = str.substr(1);
if (str.back() == '"')
str = str.substr(0, str.size() - 1);
QueryResult result = WorldDatabase.Query("SELECT entry FROM creature_template WHERE name = \"{}\" LIMIT 1", str);
if (!result)
{
handler->SendErrorMessage(LANG_COMMAND_GOCREATNOTFOUND);