ElderShell/EverWrath
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(Core/Database): prevent crash due to special chars in branch name (#20776)

Browse source 
add prepared statements to escape special characters in branch name
This commit is contained in:
Jelle Meeus 2024-11-30 16:26:57 +01:00 committed by GitHub
parent e3bcb6c14b
commit 6b5f50cdbe
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 15 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/server/database/Database/Implementation/LoginDatabase.cpp
View file

@ -139,6 +139,8 @@ void LoginDatabaseConnection::DoPrepareStatements()
PrepareStatement(LOGIN_SEL_ACCOUNT_TOTP_SECRET, "SELECT totp_secret FROM account WHERE id = ?", CONNECTION_SYNCH);
PrepareStatement(LOGIN_UPD_ACCOUNT_TOTP_SECRET, "UPDATE account SET totp_secret = ? WHERE id = ?", CONNECTION_ASYNC);
PrepareStatement(LOGIN_INS_UPTIME, "INSERT INTO uptime (realmid, starttime, uptime, revision) VALUES (?, ?, 0, ?)", CONNECTION_ASYNC);
}
LoginDatabaseConnection::LoginDatabaseConnection(MySQLConnectionInfo& connInfo) : MySQLConnection(connInfo)