Hey.
So I check Habboon's log files daily to see if there is anything I can fix and to improve the emulator. Today I found that a user had accidentally caused an error, which led me to this. On further inspection, I found I could drop any table through it (just like the old navigator issue, where the search query was not sanitized).
So, here are two simple fixes. (both in GroupManager.cs)
Replace both methods;
You're welcome.
So I check Habboon's log files daily to see if there is anything I can fix and to improve the emulator. Today I found that a user had accidentally caused an error, which led me to this. On further inspection, I found I could drop any table through it (just like the old navigator issue, where the search query was not sanitized).
So, here are two simple fixes. (both in GroupManager.cs)
Replace both methods;
- GetGroupUsersByString
- GetGroupRequestsByString
C#:
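/// <summary>
/// Lists users of a group, optionally narrowed to those whose username contains
/// <paramref name="SearchVal"/>.
/// </summary>
/// <param name="Group">Group whose Members and Admins collections are read.</param>
/// <param name="SearchVal">Search text; null, empty or whitespace-only means "no filter".</param>
/// <param name="Req">
/// Used only when no filter is applied (or the lookup yields no table):
/// 0 lists Group.Members, any other value lists Group.Admins.
/// </param>
/// <returns>A newly created list; never null.</returns>
internal List<GroupUser> GetGroupUsersByString(Group Group, String SearchVal, uint Req)
{
    var Users = new List<GroupUser>();
    DataTable Table = null;

    if (!string.IsNullOrWhiteSpace(SearchVal))
    {
        using (IQueryAdapter dbClient = PlusEnvironment.GetDatabaseManager().getQueryreactor())
        {
            // The search text is bound as a parameter and never spliced into the SQL
            // text; this is what closes the injection hole, so keep it that way.
            // NOTE(review): '%' and '_' inside SearchVal still act as LIKE wildcards;
            // parameter binding protects the statement, not the pattern. Escape them
            // if literal matching is wanted.
            // NOTE(review): the query matches against every row in users with a
            // leading wildcard and no row limit; the group filter is applied in
            // memory below. Consider constraining the query if the table is large.
            dbClient.setQuery("SELECT id FROM users WHERE username LIKE @query");
            dbClient.addParameter("query", "%" + SearchVal + "%");
            Table = dbClient.getTable();
        }
    }

    // No search text, or the lookup produced no table: fall back to the unfiltered list.
    if (Table == null)
    {
        if (Req == 0)
        {
            Users.AddRange(Group.Members.Values);
        }
        else
        {
            Users.AddRange(Group.Admins.Values);
        }

        return Users;
    }

    // NOTE(review): with a search term, Req is not consulted and only Group.Members
    // is searched; confirm that is intended when the caller asked for admins.
    foreach (DataRow Row in Table.Rows)
    {
        // Unbox once; a single TryGetValue replaces the ContainsKey + indexer pair.
        uint UserId = (uint)Row[0];
        GroupUser Member;
        if (Group.Members.TryGetValue(UserId, out Member))
        {
            Users.Add(Member);
        }
    }

    return Users;
}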
/// <summary>
/// Lists pending membership request ids of a group, optionally narrowed to users
/// whose username contains <paramref name="SearchVal"/>.
/// </summary>
/// <param name="Group">Group whose Requests list is read.</param>
/// <param name="SearchVal">Search text; null, empty or whitespace-only means "no filter".</param>
/// <param name="Req">Not read by this method.</param>
/// <returns>
/// Group.Requests itself (no copy is made here) when no filter is given; otherwise a
/// new list holding the matching ids, which is empty when nothing matches.
/// </returns>
internal List<uint> GetGroupRequestsByString(Group Group, String SearchVal, uint Req)
{
    if (string.IsNullOrWhiteSpace(SearchVal))
    {
        return Group.Requests;
    }

    var Matches = new List<uint>();
    DataTable Result;

    using (IQueryAdapter Adapter = PlusEnvironment.GetDatabaseManager().getQueryreactor())
    {
        // The search text travels as a bound parameter, never as part of the SQL text.
        // NOTE(review): '%' and '_' inside SearchVal still act as LIKE wildcards;
        // escape them if literal matching is wanted.
        Adapter.setQuery("SELECT id FROM users WHERE username LIKE @query");
        Adapter.addParameter("query", "%" + SearchVal + "%");
        Result = Adapter.getTable();
    }

    // A missing table is treated as "no matches".
    if (Result == null)
    {
        return Matches;
    }

    foreach (DataRow Row in Result.Rows)
    {
        uint UserId = (uint)Row[0];

        // Keep only ids that are currently in the group's request list.
        if (Group.Requests.Contains(UserId))
        {
            Matches.Add(UserId);
        }
    }

    return Matches;
}
You're welcome.