X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fextra%2Fm_sqlauth.cpp;h=6dc01a5f854932ef6840cfd48e3d78f00c0995e0;hb=c4cb1f9477b1fbf8662bedb1c36f84ff6f87e1f3;hp=0cd1ced24f3d6d624e0dc9aded23cd1dbe31133c;hpb=9bb31e58f8dfebd3c7297e738886f94c7bb3196b;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/extra/m_sqlauth.cpp b/src/modules/extra/m_sqlauth.cpp
index 0cd1ced24..6dc01a5f8 100644
--- a/src/modules/extra/m_sqlauth.cpp
+++ b/src/modules/extra/m_sqlauth.cpp
@@ -3,7 +3,7 @@
  *       +------------------------------------+
  *
  *  InspIRCd: (C) 2002-2009 InspIRCd Development Team
- * See: http://www.inspircd.org/wiki/index.php/Credits
+ * See: http://wiki.inspircd.org/Credits
  *
  * This program is free but copyrighted software; see
  *            the file COPYING for details.
@@ -46,7 +46,7 @@ public:
 		if (!SQLprovider)
 			throw ModuleException("Can't find an SQL provider module. Please load one before attempting to load m_sqlauth.");
 
-		OnRehash(NULL,"");
+		OnRehash(NULL);
 		Implementation eventlist[] = { I_OnUserDisconnect, I_OnCheckReady, I_OnRequest, I_OnRehash, I_OnUserRegister };
 		ServerInstance->Modules->Attach(eventlist, this, 5);
 	}
@@ -58,7 +58,7 @@ public:
 	}
 
 
-	virtual void OnRehash(User* user, const std::string &parameter)
+	virtual void OnRehash(User* user)
 	{
 		ConfigReader Conf(ServerInstance);
 
@@ -85,42 +85,32 @@ public:
 		return 0;
 	}
 
-	void SearchAndReplace(std::string& newline, const std::string &find, const std::string &replace)
-	{
-		std::string::size_type x = newline.find(find);
-		while (x != std::string::npos)
-		{
-			newline.erase(x, find.length());
-			if (!replace.empty())
-				newline.insert(x, replace);
-			x = newline.find(find);
-		}
-	}
-
 	bool CheckCredentials(User* user)
 	{
 		std::string thisquery = freeformquery;
 		std::string safepass = user->password;
+		std::string safegecos = user->fullname;
 
 		/* Search and replace the escaped nick and escaped pass into the query */
 
-		SearchAndReplace(safepass, "\"", "");
+		SearchAndReplace(safepass, std::string("\""), std::string("\\\""));
+		SearchAndReplace(safegecos, std::string("\""), std::string("\\\""));
 
-		SearchAndReplace(thisquery, "$nick", user->nick);
-		SearchAndReplace(thisquery, "$pass", safepass);
-		SearchAndReplace(thisquery, "$host", user->host);
-		SearchAndReplace(thisquery, "$ip", user->GetIPString());
-		SearchAndReplace(thisquery, "$gecos", user->fullname);
-		SearchAndReplace(thisquery, "$ident", user->ident);
-		SearchAndReplace(thisquery, "$server", user->server);
-		SearchAndReplace(thisquery, "$uuid", user->uuid);
+		SearchAndReplace(thisquery, std::string("$nick"), user->nick);
+		SearchAndReplace(thisquery, std::string("$pass"), safepass);
+		SearchAndReplace(thisquery, std::string("$host"), user->host);
+		SearchAndReplace(thisquery, std::string("$ip"), std::string(user->GetIPString()));
+		SearchAndReplace(thisquery, std::string("$gecos"), safegecos);
+		SearchAndReplace(thisquery, std::string("$ident"), user->ident);
+		SearchAndReplace(thisquery, std::string("$server"), std::string(user->server));
+		SearchAndReplace(thisquery, std::string("$uuid"), user->uuid);
 
 		Module* HashMod = ServerInstance->Modules->Find("m_md5.so");
 
 		if (HashMod)
 		{
 			HashResetRequest(this, HashMod).Send();
-			SearchAndReplace(thisquery, "$md5pass", HashSumRequest(this, HashMod, user->password).Send());
+			SearchAndReplace(thisquery, std::string("$md5pass"), std::string(HashSumRequest(this, HashMod, user->password).Send()));
 		}
 
 		HashMod = ServerInstance->Modules->Find("m_sha256.so");
@@ -128,7 +118,7 @@ public:
 		if (HashMod)
 		{
 			HashResetRequest(this, HashMod).Send();
-			SearchAndReplace(thisquery, "$sha256pass", HashSumRequest(this, HashMod, user->password).Send());
+			SearchAndReplace(thisquery, std::string("$sha256pass"), std::string(HashSumRequest(this, HashMod, user->password).Send()));
 		}
 
 		/* Build the query */
@@ -150,7 +140,7 @@ public:
 		else
 		{
 			if (verbose)
-				ServerInstance->SNO->WriteToSnoMask('A', "Forbidden connection from %s!%s@%s (SQL query failed: %s)", user->nick.c_str(), user->ident.c_str(), user->host.c_str(), req.error.Str());
+				ServerInstance->SNO->WriteGlobalSno('a', "Forbidden connection from %s!%s@%s (SQL query failed: %s)", user->nick.c_str(), user->ident.c_str(), user->host.c_str(), req.error.Str());
 			return false;
 		}
 	}
@@ -176,13 +166,13 @@ public:
 					else if (verbose)
 					{
 						/* No rows in result, this means there was no record matching the user */
-						ServerInstance->SNO->WriteToSnoMask('A', "Forbidden connection from %s!%s@%s (SQL query returned no matches)", user->nick.c_str(), user->ident.c_str(), user->host.c_str());
+						ServerInstance->SNO->WriteGlobalSno('a', "Forbidden connection from %s!%s@%s (SQL query returned no matches)", user->nick.c_str(), user->ident.c_str(), user->host.c_str());
 						user->Extend("sqlauth_failed");
 					}
 				}
 				else if (verbose)
 				{
-					ServerInstance->SNO->WriteToSnoMask('A', "Forbidden connection from %s!%s@%s (SQL query failed: %s)", user->nick.c_str(), user->ident.c_str(), user->host.c_str(), res->error.Str());
+					ServerInstance->SNO->WriteGlobalSno('a', "Forbidden connection from %s!%s@%s (SQL query failed: %s)", user->nick.c_str(), user->ident.c_str(), user->host.c_str(), res->error.Str());
 					user->Extend("sqlauth_failed");
 				}
 			}