From: <wel...@us...> - 2010-06-21 09:41:03
|
Revision: 5984 http://planeshift.svn.sourceforge.net/planeshift/?rev=5984&view=rev Author: weltall2 Date: 2010-06-21 09:40:56 +0000 (Mon, 21 Jun 2010) Log Message: ----------- escape questname Modified Paths: -------------- trunk/src/server/adminmanager.cpp Modified: trunk/src/server/adminmanager.cpp =================================================================== --- trunk/src/server/adminmanager.cpp 2010-06-21 07:19:42 UTC (rev 5983) +++ trunk/src/server/adminmanager.cpp 2010-06-21 09:40:56 UTC (rev 5984) @@ -1552,7 +1552,9 @@ { uint32 questID = (uint32)-1; - Result result(db->Select("select * from quests where name='%s'", data.text.GetData())); + csString questName; + db->Escape(questName, data.text.GetData()); + Result result(db->Select("select * from quests where name='%s'", questName.GetData())); if (!result.IsValid() || result.Count() == 0) { psserver->SendSystemError(client->GetClientNum(), "Quest <%s> not found", data.text.GetData()); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |