themaster1970sf/TShock
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

fix(db/postgres): Resolve SQL identifier casing issues

Browse source 
Improves SQL query execution by ensuring proper casing for identifiers across various database types, particularly for Postgres.

Enhances security and compatibility by using an identifier escaping method, preventing potential errors due to case sensitivity in SQL queries.

Addresses potential issues with existing queries for better reliability and consistency.
This commit is contained in:
Sakura Akeno Isayeki 2025-04-29 00:47:19 +02:00
parent 69b98980f1
commit 2d839e3609
No known key found for this signature in database
GPG key ID: BAB781B71FD2E7E6
9 changed files with 81 additions and 47 deletions
Download patch file Download diff file Expand all files Collapse all files

2
TShockAPI/DB/CharacterManager.cs
View file

@ -82,7 +82,7 @@ namespace TShockAPI.DB
try
{
using var reader = database.QueryReader("SELECT * FROM tsCharacter WHERE Account=@0", acctid);
using var reader = database.QueryReader($"SELECT * FROM tsCharacter WHERE {"Account".EscapeSqlId(database)}=@0", acctid);
if (reader.Read())
{
playerData.exists = true;