diff options
author | Melanie Thielker | 2009-06-14 21:44:34 +0000 |
---|---|---|
committer | Melanie Thielker | 2009-06-14 21:44:34 +0000 |
commit | 664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8 (patch) | |
tree | 41db60d59a2f0b46388e1e598679265dafc9d247 /OpenSim/Data/MSSQL/MSSQLEstateData.cs | |
parent | Update svn properties. (diff) | |
download | opensim-SC_OLD-664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8.zip opensim-SC_OLD-664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8.tar.gz opensim-SC_OLD-664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8.tar.bz2 opensim-SC_OLD-664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8.tar.xz |
Fixes Mantis #3793 . Committing thomax/Snoopy's patch to allow deeding of objects, with changes:
- Set OwnerID = GroupID for deeded objects.
- Close a security loophole that would have allowed a user with deed rights in a group to deed ANY object to that group, even if it's not owned by them and/or not set to that group
- Set LastOwnerID correctly. Handle objects vs. prims correctly.
Diffstat (limited to '')
-rw-r--r-- | OpenSim/Data/MSSQL/MSSQLEstateData.cs | 61 |
1 files changed, 1 insertions, 60 deletions
diff --git a/OpenSim/Data/MSSQL/MSSQLEstateData.cs b/OpenSim/Data/MSSQL/MSSQLEstateData.cs index 29aa2c0..c0c6349 100644 --- a/OpenSim/Data/MSSQL/MSSQLEstateData.cs +++ b/OpenSim/Data/MSSQL/MSSQLEstateData.cs | |||
@@ -124,16 +124,11 @@ namespace OpenSim.Data.MSSQL | |||
124 | } | 124 | } |
125 | else if (_FieldMap[name].GetValue(es) is UUID) | 125 | else if (_FieldMap[name].GetValue(es) is UUID) |
126 | { | 126 | { |
127 | // UUID uuid; | ||
128 | // UUID.TryParse(reader[name].ToString(), out uuid); | ||
129 | |||
130 | _FieldMap[name].SetValue(es, new UUID((Guid) reader[name])); // uuid); | 127 | _FieldMap[name].SetValue(es, new UUID((Guid) reader[name])); // uuid); |
131 | } | 128 | } |
132 | else | 129 | else |
133 | { | 130 | { |
134 | es.EstateID = Convert.ToUInt32(reader["EstateID"].ToString()); | 131 | es.EstateID = Convert.ToUInt32(reader["EstateID"].ToString()); |
135 | //Problems converting a Int32 to a UInt32 | ||
136 | //_FieldMap[name].SetValue(es, reader["EstateID"]); | ||
137 | } | 132 | } |
138 | } | 133 | } |
139 | } | 134 | } |
@@ -163,28 +158,7 @@ namespace OpenSim.Data.MSSQL | |||
163 | foreach (string name in names) | 158 | foreach (string name in names) |
164 | { | 159 | { |
165 | insertCommand.Parameters.Add(_Database.CreateParameter("@" + name, _FieldMap[name].GetValue(es))); | 160 | insertCommand.Parameters.Add(_Database.CreateParameter("@" + name, _FieldMap[name].GetValue(es))); |
166 | // if (_FieldMap[name].GetValue(es) is bool) | ||
167 | // { | ||
168 | // SqlParameter tempBool = new SqlParameter("@" + name, SqlDbType.Bit); | ||
169 | // | ||
170 | // if ((bool) _FieldMap[name].GetValue(es)) | ||
171 | // tempBool.Value = 1; | ||
172 | // else | ||
173 | // tempBool.Value = 0; | ||
174 | // | ||
175 | // insertCommand.Parameters.Add(tempBool); | ||
176 | // } | ||
177 | // else | ||
178 | // { | ||
179 | // //cmd.Parameters.AddWithValue("@" + name, _FieldMap[name].GetValue(es)); | ||
180 | // SqlParameter tempPar = new SqlParameter("@" + name, | ||
181 | // _Database.DbtypeFromType(_FieldMap[name].FieldType)); | ||
182 | // tempPar.Value = _FieldMap[name].GetValue(es).ToString(); | ||
183 | // | ||
184 | // insertCommand.Parameters.Add(tempPar); | ||
185 | // } | ||
186 | } | 161 | } |
187 | // insertCommand.Parameters.Add(_Database.CreateParameter("@ID", es.EstateID, true)); | ||
188 | SqlParameter idParameter = new SqlParameter("@ID", SqlDbType.Int); | 162 | SqlParameter idParameter = new SqlParameter("@ID", SqlDbType.Int); |
189 | idParameter.Direction = ParameterDirection.Output; | 163 | idParameter.Direction = ParameterDirection.Output; |
190 | insertCommand.Parameters.Add(idParameter); | 164 | insertCommand.Parameters.Add(idParameter); |
@@ -211,7 +185,6 @@ namespace OpenSim.Data.MSSQL | |||
211 | } | 185 | } |
212 | 186 | ||
213 | // Munge and transfer the ban list | 187 | // Munge and transfer the ban list |
214 | // | ||
215 | 188 | ||
216 | sql = string.Format("insert into estateban select {0}, bannedUUID, bannedIp, bannedIpHostMask, '' from regionban where regionban.regionUUID = @UUID", es.EstateID); | 189 | sql = string.Format("insert into estateban select {0}, bannedUUID, bannedIp, bannedIpHostMask, '' from regionban where regionban.regionUUID = @UUID", es.EstateID); |
217 | using (AutoClosingSqlCommand cmd = _Database.Query(sql)) | 190 | using (AutoClosingSqlCommand cmd = _Database.Query(sql)) |
@@ -253,7 +226,7 @@ namespace OpenSim.Data.MSSQL | |||
253 | 226 | ||
254 | names.Remove("EstateID"); | 227 | names.Remove("EstateID"); |
255 | 228 | ||
256 | string sql = string.Format("UPDATE estate_settings SET ") ; // ({0}) values ( @{1}) WHERE EstateID = @EstateID", String.Join(",", names.ToArray()), String.Join(", @", names.ToArray())); | 229 | string sql = string.Format("UPDATE estate_settings SET ") ; |
257 | foreach (string name in names) | 230 | foreach (string name in names) |
258 | { | 231 | { |
259 | sql += name + " = @" + name + ", "; | 232 | sql += name + " = @" + name + ", "; |
@@ -266,33 +239,9 @@ namespace OpenSim.Data.MSSQL | |||
266 | foreach (string name in names) | 239 | foreach (string name in names) |
267 | { | 240 | { |
268 | cmd.Parameters.Add(_Database.CreateParameter("@" + name, _FieldMap[name].GetValue(es))); | 241 | cmd.Parameters.Add(_Database.CreateParameter("@" + name, _FieldMap[name].GetValue(es))); |
269 | // if (_FieldMap[name].GetValue(es) is bool) | ||
270 | // { | ||
271 | // SqlParameter tempBool = new SqlParameter("@" + name, SqlDbType.Bit); | ||
272 | // | ||
273 | // if ((bool)_FieldMap[name].GetValue(es)) | ||
274 | // tempBool.Value = 1; | ||
275 | // else | ||
276 | // tempBool.Value = 0; | ||
277 | // | ||
278 | // cmd.Parameters.Add(tempBool); | ||
279 | // } | ||
280 | // else | ||
281 | // { | ||
282 | // //cmd.Parameters.AddWithValue("@" + name, _FieldMap[name].GetValue(es)); | ||
283 | // SqlParameter tempPar = new SqlParameter("@" + name, | ||
284 | // _Database.DbtypeFromType(_FieldMap[name].FieldType)); | ||
285 | // tempPar.Value = _FieldMap[name].GetValue(es).ToString(); | ||
286 | // | ||
287 | // cmd.Parameters.Add(tempPar); | ||
288 | // } | ||
289 | } | 242 | } |
290 | 243 | ||
291 | cmd.Parameters.Add(_Database.CreateParameter("@EstateID", es.EstateID)); | 244 | cmd.Parameters.Add(_Database.CreateParameter("@EstateID", es.EstateID)); |
292 | // SqlParameter idParameter = new SqlParameter("@EstateID", SqlDbType.Int); | ||
293 | // idParameter.Value = es.EstateID; | ||
294 | // cmd.Parameters.Add(idParameter); | ||
295 | |||
296 | cmd.ExecuteNonQuery(); | 245 | cmd.ExecuteNonQuery(); |
297 | } | 246 | } |
298 | 247 | ||
@@ -329,9 +278,6 @@ namespace OpenSim.Data.MSSQL | |||
329 | { | 278 | { |
330 | EstateBan eb = new EstateBan(); | 279 | EstateBan eb = new EstateBan(); |
331 | 280 | ||
332 | // UUID uuid; | ||
333 | // UUID.TryParse(reader["bannedUUID"].ToString(), out uuid); | ||
334 | |||
335 | eb.BannedUserID = new UUID((Guid)reader["bannedUUID"]); //uuid; | 281 | eb.BannedUserID = new UUID((Guid)reader["bannedUUID"]); //uuid; |
336 | eb.BannedHostAddress = "0.0.0.0"; | 282 | eb.BannedHostAddress = "0.0.0.0"; |
337 | eb.BannedHostIPMask = "0.0.0.0"; | 283 | eb.BannedHostIPMask = "0.0.0.0"; |
@@ -355,11 +301,6 @@ namespace OpenSim.Data.MSSQL | |||
355 | { | 301 | { |
356 | while (reader.Read()) | 302 | while (reader.Read()) |
357 | { | 303 | { |
358 | // EstateBan eb = new EstateBan(); | ||
359 | |||
360 | // UUID uuid; | ||
361 | // UUID.TryParse(reader["uuid"].ToString(), out uuid); | ||
362 | |||
363 | uuids.Add(new UUID((Guid)reader["uuid"])); //uuid); | 304 | uuids.Add(new UUID((Guid)reader["uuid"])); //uuid); |
364 | } | 305 | } |
365 | } | 306 | } |