Replace db queries by prepared statements

Beu 2024-05-27 14:08:04 +02:00
parent 4d949982f9
commit 48478fad26


@ -38,7 +38,7 @@ use ManiaControl\Callbacks\TimerListener; // for pause
class MatchManagerCore implements CallbackListener, CommandListener, TimerListener, CommunicationListener, Plugin { class MatchManagerCore implements CallbackListener, CommandListener, TimerListener, CommunicationListener, Plugin {
const PLUGIN_ID = 152; const PLUGIN_ID = 152;
const PLUGIN_VERSION = 5.0; const PLUGIN_VERSION = 5.1;
const PLUGIN_NAME = 'MatchManager Core'; const PLUGIN_NAME = 'MatchManager Core';
const PLUGIN_AUTHOR = 'Beu'; const PLUGIN_AUTHOR = 'Beu';
@ -894,15 +894,16 @@ class MatchManagerCore implements CallbackListener, CommandListener, TimerListen
/** /**
* Function called to list matches * Function called to list matches
*/ */
public function getMatchesList($limit = 10) { public function getMatchesList(int $limit = 10) {
$mysqli = $this->maniaControl->getDatabase()->getMysqli(); $mysqli = $this->maniaControl->getDatabase()->getMysqli();
$query = "SELECT `gamemodebase`,`started`,`ended` FROM `" . self::DB_MATCHESINDEX . "` $stmt = $mysqli->prepare("SELECT `gamemodebase`,`started`,`ended` FROM `" . self::DB_MATCHESINDEX . "` ORDER BY `started` DESC LIMIT ?");
ORDER BY `started` DESC LIMIT " . $limit; $stmt->bind_param('i', $limit);
$result = $mysqli->query($query);
if ($mysqli->error) { if (!$stmt->execute()) {
trigger_error($mysqli->error); Logger::logError('Error executing MySQL query: '. $stmt->error);
return false;
} }
$result = $stmt->get_result();
while($row = $result->fetch_array()) { while($row = $result->fetch_array()) {
$array[] = $row; $array[] = $row;
} }
@ -1021,15 +1022,17 @@ class MatchManagerCore implements CallbackListener, CommandListener, TimerListen
$this->handlePlayerConnect($player); $this->handlePlayerConnect($player);
} }
$serverlogin = $this->maniaControl->getServer()->login;
$timestamp = time();
// MYSQL DATA INSERT // MYSQL DATA INSERT
$mysqli = $this->maniaControl->getDatabase()->getMysqli(); $mysqli = $this->maniaControl->getDatabase()->getMysqli();
$query = 'INSERT INTO `' . self::DB_MATCHESINDEX . '` $stmt = $mysqli->prepare('INSERT INTO `' . self::DB_MATCHESINDEX . '` (`matchid`, `server`, `gamemodebase`, `started`, `ended`)
(`matchid`, `server`, `gamemodebase`, `started`, `ended`) VALUES (?, ?, ?, ?, 0)');
VALUES $stmt->bind_param('sssi', $this->matchid, $serverlogin, $this->currentgmbase, $timestamp);
("' . $this->matchid . '","' . $this->maniaControl->getServer()->login . '","' . $this->currentgmbase . '","' . time() . '","0" )';
$mysqli->query($query); if (!$stmt->execute()) {
if ($mysqli->error) { Logger::logError('Error executing MySQL query: '. $stmt->error);
throw new \Exception("Error during the MySQL insert: " . $mysqli->error);
} }
// Trigger Callback // Trigger Callback
@ -1072,12 +1075,15 @@ class MatchManagerCore implements CallbackListener, CommandListener, TimerListen
} }
} }
$timestamp = time();
// MYSQL DATA INSERT // MYSQL DATA INSERT
$mysqli = $this->maniaControl->getDatabase()->getMysqli(); $mysqli = $this->maniaControl->getDatabase()->getMysqli();
$query = 'UPDATE `' . self::DB_MATCHESINDEX . '` SET `ended` = "' . time() . '" WHERE `matchid` = "' . $this->matchid . '"'; $stmt = $mysqli->prepare('UPDATE `' . self::DB_MATCHESINDEX . '` SET `ended` = ? WHERE `matchid` = ?');
$mysqli->query($query); $stmt->bind_param('is', $timestamp, $this->matchid);
if ($mysqli->error) {
trigger_error($mysqli->error); if (!$stmt->execute()) {
Logger::logError('Error executing MySQL query: '. $stmt->error);
} }
// Trigger Callback // Trigger Callback
@ -1141,43 +1147,59 @@ class MatchManagerCore implements CallbackListener, CommandListener, TimerListen
* Function called to recover a match * Function called to recover a match
* @param integer $index * @param integer $index
*/ */
public function MatchRecover(Int $index) { public function MatchRecover(int $index): bool {
Logger::log("Match Recover"); Logger::log("Match Recover");
$mysqli = $this->maniaControl->getDatabase()->getMysqli(); $mysqli = $this->maniaControl->getDatabase()->getMysqli();
$query = "SELECT `matchid`,`gamemodebase` FROM `" . self::DB_MATCHESINDEX . "` $stmt = $mysqli->prepare('SELECT `matchid`,`gamemodebase` FROM `' . self::DB_MATCHESINDEX . '` ORDER BY `started` DESC LIMIT ? , 1');
ORDER BY `started` DESC LIMIT " . $index . ",1"; $stmt->bind_param('i', $index);
$result = $mysqli->query($query);
if (!$stmt->execute()) {
Logger::logError('Error executing MySQL query: '. $stmt->error);
return false;
}
$result = $stmt->get_result();
$array = mysqli_fetch_array($result); $array = mysqli_fetch_array($result);
if (isset($array[0])) { if (isset($array[0])) {
$gamemodebase = $array['gamemodebase']; $gamemodebase = $array['gamemodebase'];
$matchid = $array['matchid']; $matchid = $array['matchid'];
unset($array);
$this->matchrecover = true; $this->matchrecover = true;
$query = "SELECT `timestamp`,`settings`,`nbmaps`,`nbrounds` FROM `" . self::DB_ROUNDSINDEX . "`
WHERE `matchid` = '" . $matchid . "' $stmt = $mysqli->prepare('SELECT `timestamp` FROM `' . self::DB_ROUNDSINDEX . '` WHERE `matchid` = ? ORDER BY `timestamp` DESC LIMIT 1');
ORDER BY `timestamp` DESC LIMIT 1"; $stmt->bind_param('s', $matchid);
$result = $mysqli->query($query);
$array = mysqli_fetch_array($result); if (!$stmt->execute()) {
if (isset($array[0])) { Logger::logError('Error executing MySQL query: '. $stmt->error);
$nbmaps=$array['nbmaps'];
$nbrounds=$array['nbrounds'];
$settings=$array['settings'];
$timestamp=$array['timestamp'];
unset($array);
if ($gamemodebase == "Teams") {
$query = "SELECT `id` AS login,`points` AS matchpoints FROM `" . self::DB_TEAMSDATA . "`
WHERE `timestamp` = (SELECT `timestamp` FROM `" . self::DB_TEAMSDATA . "`
WHERE `matchid` = '" . $matchid . "' ORDER BY `timestamp` DESC LIMIT 1)" ;
} else {
$query = "SELECT `login`,`matchpoints` FROM `" . self::DB_ROUNDSDATA . "`
WHERE `timestamp` = '" . $timestamp . "'";
}
$result = $mysqli->query($query);
if ($mysqli->error) {
trigger_error($mysqli->error);
return false; return false;
} }
$result = $stmt->get_result();
$array = mysqli_fetch_array($result);
if (isset($array[0])) {
$timestamp = $array['timestamp'];
if ($gamemodebase == "Teams") {
$stmt = $mysqli->prepare('SELECT `id` AS login, `matchpoints` FROM `' . self::DB_TEAMSDATA . '`
WHERE `matchid` = ? AND `timestamp` = ?');
/*$stmt = $mysqli->prepare('SELECT `id` AS login, `points` AS matchpoints FROM `' . self::DB_TEAMSDATA . '`
WHERE `timestamp` = (SELECT `timestamp` FROM `' . self::DB_TEAMSDATA . '`
WHERE `matchid` = ? ORDER BY `timestamp` DESC LIMIT 1)');
*/
} else {
$stmt = $mysqli->prepare('SELECT `login`,`matchpoints` FROM `' . self::DB_ROUNDSDATA . '`
WHERE `matchid` = ? AND `timestamp` = ?');
}
$stmt->bind_param('si', $matchid, $timestamp);
if (!$stmt->execute()) {
Logger::logError('Error executing MySQL query: '. $stmt->error);
return false;
}
$result = $stmt->get_result();
while($row = $result->fetch_array()) { while($row = $result->fetch_array()) {
$array[] = $row; $array[] = $row;
} }
@ -1191,6 +1213,7 @@ class MatchManagerCore implements CallbackListener, CommandListener, TimerListen
$this->maniaControl->getChat()->sendSuccess($this->chatprefix . 'Recovering the match: ' . $matchid ); $this->maniaControl->getChat()->sendSuccess($this->chatprefix . 'Recovering the match: ' . $matchid );
Logger::log('Recovering the match: ' . $matchid); Logger::log('Recovering the match: ' . $matchid);
$this->MatchStart(); $this->MatchStart();
return true;
} else { } else {
$this->maniaControl->getChat()->sendErrorToAdmins($this->chatprefix . 'No data found from the last round'); $this->maniaControl->getChat()->sendErrorToAdmins($this->chatprefix . 'No data found from the last round');
} }
@ -1200,6 +1223,8 @@ class MatchManagerCore implements CallbackListener, CommandListener, TimerListen
} else { } else {
$this->maniaControl->getChat()->sendErrorToAdmins($this->chatprefix . 'Match not found'); $this->maniaControl->getChat()->sendErrorToAdmins($this->chatprefix . 'Match not found');
} }
return false;
} }
/** /**
@ -1677,41 +1702,67 @@ class MatchManagerCore implements CallbackListener, CommandListener, TimerListen
$settings = json_encode($this->maniaControl->getClient()->getModeScriptSettings()); $settings = json_encode($this->maniaControl->getClient()->getModeScriptSettings());
$mysqli = $this->maniaControl->getDatabase()->getMysqli(); $mysqli = $this->maniaControl->getDatabase()->getMysqli();
$query = 'INSERT INTO `' . self::DB_ROUNDSINDEX . '` $mysqli->begin_transaction();
$playercount = $this->maniaControl->getPlayerManager()->getPlayerCount();
$spectatorcount = $this->maniaControl->getPlayerManager()->getSpectatorCount();
$stmt = $mysqli->prepare('INSERT INTO `' . self::DB_ROUNDSINDEX . '`
(`matchid`,`timestamp`,`nbmaps`,`nbrounds`,`settings`,`map`,`nbplayers`,`nbspectators`) (`matchid`,`timestamp`,`nbmaps`,`nbrounds`,`settings`,`map`,`nbplayers`,`nbspectators`)
VALUES VALUES (?, ?, ?, ?, ?, ?, ?, ?)');
("'. $this->matchid . '","' . $timestamp . '","' . $this->nbmaps . '","' . $this->nbrounds . '",' . "'" . $settings . "'" . ',"' . $this->currentmap->uid . '","' . $this->maniaControl->getPlayerManager()->getPlayerCount() . '","' . $this->maniaControl->getPlayerManager()->getSpectatorCount() . '")'; $stmt->bind_param('siiissii', $this->matchid, $timestamp, $this->nbmaps, $this->nbrounds, $settings, $this->currentmap->uid, $playercount, $spectatorcount);
$mysqli->query($query); if (!$stmt->execute()) {
if ($mysqli->error) { Logger::logError('Error executing MySQL query: '. $stmt->error);
trigger_error($mysqli->error);
} }
$stmt->close();
// Round data // Round data
$dbquery = 'INSERT INTO `' . self::DB_ROUNDSDATA . '` (`matchid`,`timestamp`,`rank`,`login`,`matchpoints`,`mappoints`,`roundpoints`,`bestracetime`,`bestracecheckpoints`,`bestlaptime`,`bestlapcheckpoints`,`prevracetime`,`prevracecheckpoints`,`teamid`) VALUES '; $stmt = $mysqli->prepare('INSERT INTO `' . self::DB_ROUNDSDATA . '`
foreach ($this->currentscore as $value) { (`matchid`,`timestamp`,`rank`,`login`,`matchpoints`,`mappoints`,`roundpoints`,`bestracetime`,`bestracecheckpoints`,`bestlaptime`,`bestlapcheckpoints`,`prevracetime`,`prevracecheckpoints`,`teamid`)
$dbquery .= '("' . $this->matchid . '","' . $timestamp . '","' . implode('","',$value) . '"),'; VALUES (?, ?, ?, ?, ? ,? ,? ,?, ? ,? ,? ,? ,?, ?)');
$stmt->bind_param('siisiiiisisisi',
$this->matchid,
$timestamp,
$rank,
$login,
$matchpoints,
$mappoints,
$roundpoints,
$bestracetime,
$bestracecheckpoints,
$bestlaptime,
$bestlapcheckpoints,
$prevracetime,
$prevracecheckpoints,
$teamid
);
foreach ($this->currentscore as $score) {
list($rank, $login, $matchpoints, $mappoints, $roundpoints, $bestracetime, $bestracecheckpoints, $bestlaptime, $bestlapcheckpoints, $prevracetime, $prevracecheckpoints, $teamid) = $score;
if (!$stmt->execute()) {
Logger::logError('Error executing MySQL query: '. $stmt->error);
} }
$dbquery = substr($dbquery, 0, -1);
$mysqli->query($dbquery);
if ($mysqli->error) {
trigger_error($mysqli->error);
} }
$stmt->close();
// Teams Rounds data // Teams Rounds data
if (count($teamresults) > 1) { if (count($teamresults) > 1) {
$teamdbquery = 'INSERT INTO `' . self::DB_TEAMSDATA . '` (`matchid`,`timestamp`,`rank`,`id`,`team`,`matchpoints`,`mappoints`,`roundpoints`) VALUES '; $stmt = $mysqli->prepare('INSERT INTO `' . self::DB_TEAMSDATA . '` (`matchid`,`timestamp`,`rank`,`id`,`team`,`matchpoints`,`mappoints`,`roundpoints`)
foreach ($this->currentteamsscore as $value) { VALUES (?, ?, ?, ?, ?, ?, ?, ?)');
$teamdbquery .= '("' . $this->matchid . '","' . $timestamp . '","' . implode('","',$value) . '"),'; $stmt->bind_param('siiisiii', $this->matchid, $timestamp, $rank, $teamid, $teamname, $matchpoints, $mappoints, $roundpoints);
}
$teamdbquery = substr($teamdbquery, 0, -1);
$mysqli = $this->maniaControl->getDatabase()->getMysqli();
// Teams data foreach ($this->currentteamsscore as $score) {
$mysqli->query($teamdbquery); list($rank, $teamid, $teamname, $matchpoints, $mappoints, $roundpoints) = $score;
if ($mysqli->error) {
trigger_error($mysqli->error); if (!$stmt->execute()) {
Logger::logError('Error executing MySQL query: '. $stmt->error);
} }
} }
$stmt->close();
}
$mysqli->commit();
Logger::log("Rounds finished: " . $this->nbrounds); Logger::log("Rounds finished: " . $this->nbrounds);
$this->maniaControl->getCallbackManager()->triggerCallback(self::CB_MATCHMANAGER_ENDROUND, $this->matchid, $this->currentscore, $this->currentteamsscore); $this->maniaControl->getCallbackManager()->triggerCallback(self::CB_MATCHMANAGER_ENDROUND, $this->matchid, $this->currentscore, $this->currentteamsscore);
@ -1913,8 +1964,14 @@ class MatchManagerCore implements CallbackListener, CommandListener, TimerListen
$this->maniaControl->getChat()->sendSuccess($this->chatprefix . 'Team ' . $text[1] . ' now has $<$ff0' . $text[2] . '$> points!'); $this->maniaControl->getChat()->sendSuccess($this->chatprefix . 'Team ' . $text[1] . ' now has $<$ff0' . $text[2] . '$> points!');
} else { } else {
$mysqli = $this->maniaControl->getDatabase()->getMysqli(); $mysqli = $this->maniaControl->getDatabase()->getMysqli();
$query = 'SELECT login FROM `' . PlayerManager::TABLE_PLAYERS . '` WHERE nickname LIKE "' . $text[1] . '"'; $stmt = $mysqli->prepare('SELECT login FROM `' . PlayerManager::TABLE_PLAYERS . '` WHERE nickname LIKE ?');
$result = $mysqli->query($query); $stmt->bind_param('s', $text[1]);
if (!$stmt->execute()) {
Logger::logError('Error executing MySQL query: '. $stmt->error);
}
$result = $stmt->get_result();
$array = mysqli_fetch_array($result); $array = mysqli_fetch_array($result);
if (isset($array[0])) { if (isset($array[0])) {
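Review bot: In the round-end hunk (`@ -1677,41 +1702,67`) the new `$mysqli->begin_transaction()` is followed by three inserts whose failures are only logged, and `$mysqli->commit()` then runs unconditionally, so a partly failed round is still committed and the transaction gives no atomicity. Record a failure flag in each `if (!$stmt->execute())` branch and finish with `if ($failed) { $mysqli->rollback(); } else { $mysqli->commit(); }`. The same log-and-continue pattern is in the match-start insert, which appears to have thrown an `\Exception` before this change, and in the final nickname lookup, where `$stmt->get_result()` is still called after a failed `execute()` and its `false` result reaches `mysqli_fetch_array()`; returning early after the log line would stop that. None of the `prepare()` results is checked before `bind_param()`, which matters whenever mysqli is not running in exception mode. In the nickname lookup, binding removes the injection, but `%` and `_` in `$text[1]` are still `LIKE` wildcards, so `WHERE nickname = ?` is the safer form if an exact match is intended; the enclosing functions start and end outside these hunks.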