From 2f77b31cb80b1383105469b0b35128ca848794ed Mon Sep 17 00:00:00 2001
From: server <server@jakubkadlec.dev>
Date: Mon, 13 Apr 2026 23:22:01 +0200
Subject: [PATCH] game: simplify escaped string handling

---
 src/game/guild.cpp             | 13 +++++--------
 src/game/messenger_manager.cpp | 29 +++++++++++++----------------
 2 files changed, 18 insertions(+), 24 deletions(-)

diff --git a/src/game/guild.cpp b/src/game/guild.cpp
index 0f7d95a..de7d32f 100644
--- a/src/game/guild.cpp
+++ b/src/game/guild.cpp
@@ -814,11 +814,10 @@ void CGuild::SendDBSkillUpdate(int amount)
 
 void CGuild::SaveSkill()
 {
-	char text[GUILD_SKILL_COUNT * 2 + 1];
-
-	DBManager::instance().EscapeString(text, sizeof(text), (const char *) m_data.abySkill, sizeof(m_data.abySkill));
+	const std::string escapedSkillData = DBManager::instance().EscapeStringCopy(
+		reinterpret_cast<const char*>(m_data.abySkill), sizeof(m_data.abySkill));
 	DBManager::instance().Query("UPDATE guild%s SET sp = %d, skill_point=%d, skill='%s' WHERE id = %u",
-			get_table_postfix(), m_data.power, m_data.skill_point, text, m_data.guild_id);
+			get_table_postfix(), m_data.power, m_data.skill_point, escapedSkillData.c_str(), m_data.guild_id);
 }
 
 TGuildMember* CGuild::GetMember(DWORD pid)
@@ -963,10 +962,8 @@ void CGuild::ChangeGradeName(BYTE grade, const char* grade_name)
 	if (!*grade_name)
 		return;
 
-	char text[GUILD_NAME_MAX_LEN * 2 + 1];
-
-	DBManager::instance().EscapeString(text, sizeof(text), grade_name, strlen(grade_name));
-	DBManager::instance().FuncAfterQuery(FSendChangeGrade(GetID(), grade), "UPDATE guild_grade%s SET name = '%s' where guild_id = %u and grade = %d", get_table_postfix(), text, m_data.guild_id, grade);
+	const std::string escapedGradeName = DBManager::instance().EscapeStringCopy(grade_name, strlen(grade_name));
+	DBManager::instance().FuncAfterQuery(FSendChangeGrade(GetID(), grade), "UPDATE guild_grade%s SET name = '%s' where guild_id = %u and grade = %d", get_table_postfix(), escapedGradeName.c_str(), m_data.guild_id, grade);
 
 	grade--;
 	strlcpy(m_data.grade_array[grade].grade_name, grade_name, sizeof(m_data.grade_array[grade].grade_name));
diff --git a/src/game/messenger_manager.cpp b/src/game/messenger_manager.cpp
index 67447eb..0d6f68d 100644
--- a/src/game/messenger_manager.cpp
+++ b/src/game/messenger_manager.cpp
@@ -13,9 +13,6 @@
 #include "questmanager.h"
 #include "libsql/Statement.h"
 
-static char __account[CHARACTER_NAME_MAX_LEN * 2 + 1];
-static char __companion[CHARACTER_NAME_MAX_LEN * 2 + 1];
-
 namespace
 {
 	bool PrepareMessengerStmt(CStmt& stmt, const std::string& query)
@@ -149,9 +146,9 @@ void MessengerManager::Login(MessengerManager::keyA account)
 	if (m_set_loginAccount.find(account) != m_set_loginAccount.end())
 		return;
 
-	DBManager::instance().EscapeString(__account, sizeof(__account), account.c_str(), account.size());
+	const std::string escapedAccount = DBManager::instance().EscapeStringCopy(account.c_str(), account.size());
 
-	if (account.compare(__account))
+	if (account != escapedAccount)
 		return;
 
 	m_set_loginAccount.insert(account);
@@ -583,10 +580,10 @@ void MessengerManager::AddToList(MessengerManager::keyA account, MessengerManage
 	if (m_Relation[account].find(companion) != m_Relation[account].end())
 		return;
 
-	DBManager::instance().EscapeString(__account, sizeof(__account), account.c_str(), account.size());
-	DBManager::instance().EscapeString(__companion, sizeof(__companion), companion.c_str(), companion.size());
+	const std::string escapedAccount = DBManager::instance().EscapeStringCopy(account.c_str(), account.size());
+	const std::string escapedCompanion = DBManager::instance().EscapeStringCopy(companion.c_str(), companion.size());
 
-	if (account.compare(__account) || companion.compare(__companion))
+	if (account != escapedAccount || companion != escapedCompanion)
 		return;
 
 	sys_log(0, "Messenger Add %s %s", account.c_str(), companion.c_str());
@@ -649,11 +646,11 @@ void MessengerManager::RemoveFromList(MessengerManager::keyA account, MessengerM
 	if (companion.size() == 0)
 		return;
 	
-	DBManager::instance().EscapeString(__account, sizeof(__account), account.c_str(), account.size());
-    DBManager::instance().EscapeString(__companion, sizeof(__companion), companion.c_str(), companion.size());
-  
-    if (account.compare(__account) || companion.compare(__companion))
-        return;
+	const std::string escapedAccount = DBManager::instance().EscapeStringCopy(account.c_str(), account.size());
+	const std::string escapedCompanion = DBManager::instance().EscapeStringCopy(companion.c_str(), companion.size());
+
+	if (account != escapedAccount || companion != escapedCompanion)
+		return;
 
 	sys_log(1, "Messenger Remove %s %s", account.c_str(), companion.c_str());
 
@@ -682,10 +679,10 @@ void MessengerManager::RemoveAllList(keyA account)
 {
 	std::set<keyT>	company(m_Relation[account]);
 
-    DBManager::instance().EscapeString(__account, sizeof(__account), account.c_str(), account.size());
+	const std::string escapedAccount = DBManager::instance().EscapeStringCopy(account.c_str(), account.size());
 
-	if (account.compare(__account))
-        	return;
+	if (account != escapedAccount)
+		return;
 
 	/* SQL Data 삭제 */
 	DeleteAllMessengerRelations(account);