diff options
author | Justin Clarke Casey | 2009-07-24 20:01:17 +0000 |
---|---|---|
committer | Justin Clarke Casey | 2009-07-24 20:01:17 +0000 |
commit | c3bb9ec42ccc86d55055494bad31835a0fae00d2 (patch) | |
tree | 4cbad1bb4b0ebf797d80c71d4749ee7af02b50f4 /OpenSim/Data/MySQL/MySQLInventoryData.cs | |
parent | * Extend mssql name string size checking to create/update folder (diff) | |
download | opensim-SC-c3bb9ec42ccc86d55055494bad31835a0fae00d2.zip opensim-SC-c3bb9ec42ccc86d55055494bad31835a0fae00d2.tar.gz opensim-SC-c3bb9ec42ccc86d55055494bad31835a0fae00d2.tar.bz2 opensim-SC-c3bb9ec42ccc86d55055494bad31835a0fae00d2.tar.xz |
* Apply asset and inventory name and description bound checks to MySQL
Diffstat (limited to '')
-rw-r--r-- | OpenSim/Data/MySQL/MySQLInventoryData.cs | 27 |
1 files changed, 24 insertions, 3 deletions
diff --git a/OpenSim/Data/MySQL/MySQLInventoryData.cs b/OpenSim/Data/MySQL/MySQLInventoryData.cs index e48f26a..a4b8663 100644 --- a/OpenSim/Data/MySQL/MySQLInventoryData.cs +++ b/OpenSim/Data/MySQL/MySQLInventoryData.cs | |||
@@ -471,6 +471,20 @@ namespace OpenSim.Data.MySQL | |||
471 | + ", ?inventoryBasePermissions, ?inventoryEveryOnePermissions, ?inventoryGroupPermissions, ?salePrice, ?saleType, ?creationDate" | 471 | + ", ?inventoryBasePermissions, ?inventoryEveryOnePermissions, ?inventoryGroupPermissions, ?salePrice, ?saleType, ?creationDate" |
472 | + ", ?groupID, ?groupOwned, ?flags)"; | 472 | + ", ?groupID, ?groupOwned, ?flags)"; |
473 | 473 | ||
474 | string itemName = item.Name; | ||
475 | if (item.Name.Length > 64) | ||
476 | { | ||
477 | itemName = item.Name.Substring(0, 64); | ||
478 | m_log.Warn("[INVENTORY DB]: Name field truncated from " + item.Name.Length + " to " + itemName.Length + " characters on add item"); | ||
479 | } | ||
480 | |||
481 | string itemDesc = item.Description; | ||
482 | if (item.Description.Length > 128) | ||
483 | { | ||
484 | itemDesc = item.Description.Substring(0, 128); | ||
485 | m_log.Warn("[INVENTORY DB]: Description field truncated from " + item.Description.Length + " to " + itemDesc.Length + " characters on add item"); | ||
486 | } | ||
487 | |||
474 | try | 488 | try |
475 | { | 489 | { |
476 | database.CheckConnection(); | 490 | database.CheckConnection(); |
@@ -481,8 +495,8 @@ namespace OpenSim.Data.MySQL | |||
481 | result.Parameters.AddWithValue("?assetType", item.AssetType.ToString()); | 495 | result.Parameters.AddWithValue("?assetType", item.AssetType.ToString()); |
482 | result.Parameters.AddWithValue("?parentFolderID", item.Folder.ToString()); | 496 | result.Parameters.AddWithValue("?parentFolderID", item.Folder.ToString()); |
483 | result.Parameters.AddWithValue("?avatarID", item.Owner.ToString()); | 497 | result.Parameters.AddWithValue("?avatarID", item.Owner.ToString()); |
484 | result.Parameters.AddWithValue("?inventoryName", item.Name); | 498 | result.Parameters.AddWithValue("?inventoryName", itemName); |
485 | result.Parameters.AddWithValue("?inventoryDescription", item.Description); | 499 | result.Parameters.AddWithValue("?inventoryDescription", itemDesc); |
486 | result.Parameters.AddWithValue("?inventoryNextPermissions", item.NextPermissions.ToString()); | 500 | result.Parameters.AddWithValue("?inventoryNextPermissions", item.NextPermissions.ToString()); |
487 | result.Parameters.AddWithValue("?inventoryCurrentPermissions", | 501 | result.Parameters.AddWithValue("?inventoryCurrentPermissions", |
488 | item.CurrentPermissions.ToString()); | 502 | item.CurrentPermissions.ToString()); |
@@ -575,13 +589,20 @@ namespace OpenSim.Data.MySQL | |||
575 | "REPLACE INTO inventoryfolders (folderID, agentID, parentFolderID, folderName, type, version) VALUES "; | 589 | "REPLACE INTO inventoryfolders (folderID, agentID, parentFolderID, folderName, type, version) VALUES "; |
576 | sql += "(?folderID, ?agentID, ?parentFolderID, ?folderName, ?type, ?version)"; | 590 | sql += "(?folderID, ?agentID, ?parentFolderID, ?folderName, ?type, ?version)"; |
577 | 591 | ||
592 | string folderName = folder.Name; | ||
593 | if (folderName.Length > 64) | ||
594 | { | ||
595 | folderName = folderName.Substring(0, 64); | ||
596 | m_log.Warn("[INVENTORY DB]: Name field truncated from " + folder.Name.Length + " to " + folderName.Length + " characters on add folder"); | ||
597 | } | ||
598 | |||
578 | database.CheckConnection(); | 599 | database.CheckConnection(); |
579 | 600 | ||
580 | MySqlCommand cmd = new MySqlCommand(sql, database.Connection); | 601 | MySqlCommand cmd = new MySqlCommand(sql, database.Connection); |
581 | cmd.Parameters.AddWithValue("?folderID", folder.ID.ToString()); | 602 | cmd.Parameters.AddWithValue("?folderID", folder.ID.ToString()); |
582 | cmd.Parameters.AddWithValue("?agentID", folder.Owner.ToString()); | 603 | cmd.Parameters.AddWithValue("?agentID", folder.Owner.ToString()); |
583 | cmd.Parameters.AddWithValue("?parentFolderID", folder.ParentID.ToString()); | 604 | cmd.Parameters.AddWithValue("?parentFolderID", folder.ParentID.ToString()); |
584 | cmd.Parameters.AddWithValue("?folderName", folder.Name); | 605 | cmd.Parameters.AddWithValue("?folderName", folderName); |
585 | cmd.Parameters.AddWithValue("?type", (short) folder.Type); | 606 | cmd.Parameters.AddWithValue("?type", (short) folder.Type); |
586 | cmd.Parameters.AddWithValue("?version", folder.Version); | 607 | cmd.Parameters.AddWithValue("?version", folder.Version); |
587 | 608 | ||