From a47ea09613cf75d7e8a30e5f998dd225234e5747 Mon Sep 17 00:00:00 2001 From: jenz Date: Sun, 24 Apr 2022 19:20:29 +0200 Subject: [PATCH] fixed queries to update appropiate rows --- .../scripting/nosteam_verifier.sp | 25 ++++++++++--------- 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/nosteam_verificiation/scripting/nosteam_verifier.sp b/nosteam_verificiation/scripting/nosteam_verifier.sp index ae0df333..501d1d27 100644 --- a/nosteam_verificiation/scripting/nosteam_verifier.sp +++ b/nosteam_verificiation/scripting/nosteam_verifier.sp @@ -112,14 +112,14 @@ public int OnTransferResponse(char[] sData, int iSerial) ipobj.GetString("provider", provider, sizeof(provider)); ipobj.GetString("country", country, sizeof(country)); - char sql_statement[512]; + char sql_statement[1024]; + g_hDatabase.Escape(provider, g_provider[client], sizeof(g_provider[])); char sAuthID[512]; Format(g_asn[client], sizeof(g_asn[]), asn); - Format(g_provider[client], sizeof(g_provider[]), provider); Format(g_country[client], sizeof(g_country[]), country); GetClientAuthId(client, AuthId_Steam2, sAuthID, sizeof(sAuthID), false); - Format(sql_statement, sizeof(sql_statement), "insert into connect_restriction (country, asn, provider, steam_id, ipv4) values ('%s', '%s', '%s', '%s', '%s') ON DUPLICATE KEY UPDATE modified_on = now()", country, asn, provider, sAuthID, sIP); + Format(sql_statement, sizeof(sql_statement), "insert into connect_restriction (country, asn, provider, steam_id, ipv4) values ('%s', '%s', '%s', '%s', '%s') ON DUPLICATE KEY UPDATE modified_on = now()", country, asn, g_provider[client], sAuthID, sIP); g_hDatabase.Query(SQL_insert, sql_statement, iSerial, DBPrio_High); ipobj.Cleanup(); delete ipobj; @@ -142,8 +142,9 @@ public void SQL_insert(Database db, DBResultSet results, const char[] error, any char ip_subblock[8][8]; GetClientIP(client, sIP, sizeof(sIP)); ExplodeString(sIP, ".", ip_subblock, sizeof(ip_subblock), sizeof(ip_subblock[])); - Format(sql_statement, sizeof(sql_statement), "update connect_restriction cr1 inner join (select * from connect_restriction cr3 where cr3.asn = '%s' and cr3.provider = '%s' and cr3.country = '%s' and cr3.ipv4 like '%s.%s.%s%s' and cr3.cooldown > CURDATE() order by cr3.inserted_on desc limit 1) as cr2 on cr1.asn = cr2.asn and cr1.provider = cr2.provider and cr1.country = cr2.country set cr1.cooldown = cr2.cooldown", g_asn[client], g_provider[client], g_country[client], ip_subblock[0], ip_subblock[1], ip_subblock[2], "%"); - Format(sql_statement, sizeof(sql_statement), "%s , cr1.cooldown_query = %s%s%s", sql_statement, "\"", sql_statement, "\""); + char sql_statement_query[1024]; + Format(sql_statement_query, sizeof(sql_statement_query), "update connect_restriction cr1 inner join (select * from connect_restriction cr3 where cr3.asn = '%s' and cr3.provider = '%s' and cr3.country = '%s' and cr3.ipv4 like '%s.%s.%s' and cr3.cooldown > CURDATE() order by cr3.inserted_on desc limit 1) as cr2 on cr1.asn = cr2.asn and cr1.provider = cr2.provider and cr1.country = cr2.country set cr1.cooldown = cr2.cooldown where cr1.ipv4 like '%s.%s.%s'", g_asn[client], g_provider[client], g_country[client], ip_subblock[0], ip_subblock[1], "%", ip_subblock[0], ip_subblock[1], "%"); + Format(sql_statement, sizeof(sql_statement), "update connect_restriction cr1 inner join (select * from connect_restriction cr3 where cr3.asn = '%s' and cr3.provider = '%s' and cr3.country = '%s' and cr3.ipv4 like '%s.%s.%s' and cr3.cooldown > CURDATE() order by cr3.inserted_on desc limit 1) as cr2 on cr1.asn = cr2.asn and cr1.provider = cr2.provider and cr1.country = cr2.country set cr1.cooldown = cr2.cooldown, cr1.cooldown_query = %s%s%s where cr1.ipv4 like '%s.%s.%s'", g_asn[client], g_provider[client], g_country[client], ip_subblock[0], ip_subblock[1], "%", "\"", sql_statement_query, "\"", ip_subblock[0], ip_subblock[1], "%"); //LogMessage("sql_statement: %s", sql_statement); delete results; g_hDatabase.Query(SQL_update_restriction, sql_statement, GetClientSerial(client), DBPrio_High); @@ -165,7 +166,7 @@ public void SQL_update_restriction(Database db, DBResultSet results, const char[ GetClientIP(client, sIP, sizeof(sIP)); ExplodeString(sIP, ".", ip_subblock, sizeof(ip_subblock), sizeof(ip_subblock[])); char sql_statement[512]; - Format(sql_statement, sizeof(sql_statement), "select * from connect_restriction where asn = '%s' and provider = '%s' and country = '%s' and ipv4 like '%s.%s.%s%s' and cooldown > CURDATE() order by inserted_on desc limit 1", g_asn[client], g_provider[client], g_country[client], ip_subblock[0], ip_subblock[1], ip_subblock[2], "%"); + Format(sql_statement, sizeof(sql_statement), "select * from connect_restriction where asn = '%s' and provider = '%s' and country = '%s' and ipv4 like '%s.%s.%s' and cooldown > CURDATE() order by inserted_on desc limit 1", g_asn[client], g_provider[client], g_country[client], ip_subblock[0], ip_subblock[1], "%"); g_hDatabase.Query(sql_select_cooldown, sql_statement, GetClientSerial(client), DBPrio_High); } @@ -254,9 +255,7 @@ public void sql_select_sb_bans(Database db, DBResultSet results, const char[] er delete results; char ip_subblock[8][8]; ExplodeString(s_client_ip, ".", ip_subblock, sizeof(ip_subblock), sizeof(ip_subblock[])); - Format(sql_statement, sizeof(sql_statement), "select cr1.* from connect_restriction cr1 inner join connect_restriction cr2 on cr1.asn = cr2.asn inner join sb_bans_shortened cr3 on cr1.steam_id = cr3.steam_id and cr1.ipv4 = cr3.ipv4 and cr1.provider = cr2.provider and cr1.country = cr2.country and cr2.ipv4 = '%s' and cr1.ipv4 like '%s.%s.%s%s' limit 1", s_client_ip, ip_subblock[0], ip_subblock[1], ip_subblock[2], "%"); - char sAuthID[512]; - GetClientAuthId(client, AuthId_Steam2, sAuthID, sizeof(sAuthID), false); + Format(sql_statement, sizeof(sql_statement), "select cr1.* from connect_restriction cr1 inner join connect_restriction cr2 on cr1.asn = cr2.asn inner join sb_bans_shortened cr3 on cr1.steam_id = cr3.steam_id and cr1.ipv4 = cr3.ipv4 and cr1.provider = cr2.provider and cr1.country = cr2.country and cr2.ipv4 = '%s' and cr1.ipv4 like '%s.%s.%s' limit 1", s_client_ip, ip_subblock[0], ip_subblock[1], "%"); g_hDatabase.Query(sql_select_banned, sql_statement, GetClientSerial(client), DBPrio_High); } @@ -286,8 +285,10 @@ public void sql_select_banned(Database db, DBResultSet results, const char[] err GetClientIP(client, s_client_ip, sizeof(s_client_ip)); char sAuthID[512]; GetClientAuthId(client, AuthId_Steam2, sAuthID, sizeof(sAuthID), false); - char sql_statement[512]; - Format(sql_statement, sizeof(sql_statement), "update connect_restriction set cooldown = DATE_ADD(now(), INTERVAL 170 DAY) where steam_id = '%s' and ipv4 = '%s'", sAuthID, s_client_ip); + char sql_statement[1024]; + char sql_statement_query[512]; + Format(sql_statement_query, sizeof(sql_statement_query), "update connect_restriction set cooldown = DATE_ADD(now(), INTERVAL 170 DAY) where steam_id = '%s' and ipv4 = '%s'", sAuthID, s_client_ip); + Format(sql_statement, sizeof(sql_statement), "update connect_restriction set cooldown = DATE_ADD(now(), INTERVAL 170 DAY), cooldown_query = %s%s%s where steam_id = '%s' and ipv4 = '%s'", "\"", sql_statement_query, "\"", sAuthID, s_client_ip); g_hDatabase.Query(sql_update_cooldown, sql_statement, GetClientSerial(client), DBPrio_High); } delete results; @@ -338,7 +339,7 @@ public void sql_select_if_exists(Database db, DBResultSet results, const char[] results.FetchString(4, s_steam, sizeof(s_steam)); results.FetchString(5, s_ipv4, sizeof(s_ipv4)); Format(g_asn[client], sizeof(g_asn[]), s_asn); - Format(g_provider[client], sizeof(g_provider[]), s_provider); + g_hDatabase.Escape(s_provider, g_provider[client], sizeof(g_provider[])); Format(g_country[client], sizeof(g_country[]), s_country); Format(sql_statement, sizeof(sql_statement), "insert into connect_restriction (country, asn, provider, steam_id, ipv4) values ('%s', '%s', '%s', '%s', '%s') ON DUPLICATE KEY UPDATE modified_on = now()", s_country, s_asn, s_provider, s_steam, s_ipv4); g_hDatabase.Query(SQL_insert, sql_statement, GetClientSerial(client), DBPrio_High);