From 3c23f5556dcdc1e8047d591f6d74b2f85db8c749 Mon Sep 17 00:00:00 2001 From: server Date: Mon, 13 Apr 2026 23:29:28 +0200 Subject: [PATCH] db: simplify player save escaping --- src/db/ClientManagerPlayer.cpp | 36 ++++++++++++++++------------------ 1 file changed, 17 insertions(+), 19 deletions(-) diff --git a/src/db/ClientManagerPlayer.cpp b/src/db/ClientManagerPlayer.cpp index bd96747..45478eb 100644 --- a/src/db/ClientManagerPlayer.cpp +++ b/src/db/ClientManagerPlayer.cpp @@ -92,6 +92,10 @@ size_t CreatePlayerSaveQuery(char * pszQuery, size_t querySize, TPlayerTable * p { size_t queryLen; const std::string escapedIp = CDBManager::instance().EscapeStringCopy(pkTab->ip, strnlen(pkTab->ip, sizeof(pkTab->ip))); + const std::string escapedSkillLevel = CDBManager::instance().EscapeStringCopy( + reinterpret_cast(pkTab->skills), sizeof(pkTab->skills)); + const std::string escapedQuickslot = CDBManager::instance().EscapeStringCopy( + reinterpret_cast(pkTab->quickslot), sizeof(pkTab->quickslot)); queryLen = snprintf(pszQuery, querySize, "UPDATE player%s SET " 
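Review bot: The added `escapedSkillLevel` and `escapedQuickslot` lines pass `sizeof(...)` as the length, while the `escapedIp` line just above them passes `strnlen(...)`, and nothing in the new code explains the difference. The second hunk also deletes the only comment hinting that these fields are binary. I would add a comment above the two lines, for example `// skills and quickslot are fixed-size binary blobs: escape every byte, do not stop at the first NUL`. Both results are later formatted through `%s` and `.c_str()`, so the query stays intact only if EscapeStringCopy never leaves a raw NUL byte in its output; its implementation is not visible here and is worth confirming. The body of CreatePlayerSaveQuery continues outside this hunk.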
@@ -165,26 +169,20 @@ size_t CreatePlayerSaveQuery(char * pszQuery, size_t querySize, TPlayerTable * p pkTab->skill_point, pkTab->sub_skill_point, pkTab->stat_reset_count, - escapedIp.c_str(), - pkTab->parts[PART_MAIN], - pkTab->parts[PART_HAIR], - pkTab->skill_group, - static_cast(pkTab->lAlignment), - pkTab->horse.bLevel, - pkTab->horse.bRiding, - pkTab->horse.sHealth, - pkTab->horse.dwHorseHealthDropTime, - pkTab->horse.sStamina, - pkTab->horse_skill_point); + escapedIp.c_str(), + pkTab->parts[PART_MAIN], + pkTab->parts[PART_HAIR], + pkTab->skill_group, + static_cast(pkTab->lAlignment), + pkTab->horse.bLevel, + pkTab->horse.bRiding, + pkTab->horse.sHealth, + pkTab->horse.dwHorseHealthDropTime, + pkTab->horse.sStamina, + pkTab->horse_skill_point); - // Binary 로 바꾸기 위한 임시 공간 - static char text[8192 + 1]; - - CDBManager::instance().EscapeString(text, pkTab->skills, sizeof(pkTab->skills)); - queryLen += snprintf(pszQuery + queryLen, querySize - queryLen, "skill_level = '%s', ", text); - - CDBManager::instance().EscapeString(text, pkTab->quickslot, sizeof(pkTab->quickslot)); - queryLen += snprintf(pszQuery + queryLen, querySize - queryLen, "quickslot = '%s' ", text); + queryLen += snprintf(pszQuery + queryLen, querySize - queryLen, "skill_level = '%s', ", escapedSkillLevel.c_str()); + queryLen += snprintf(pszQuery + queryLen, querySize - queryLen, "quickslot = '%s' ", escapedQuickslot.c_str()); queryLen += snprintf(pszQuery + queryLen, querySize - queryLen, " WHERE id=%d", pkTab->id); return queryLen;
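Review bot: The two rewritten appends for `skill_level` and `quickslot` keep the pattern `queryLen += snprintf(pszQuery + queryLen, querySize - queryLen, ...)` with no truncation check. snprintf returns the length it would have written, so once the escaped blobs push the total past `querySize`, `querySize - queryLen` wraps around as a `size_t` and the next call writes beyond the caller's buffer. Even without the overflow, a truncated statement can lose its closing quote or the `WHERE id=%d` clause before it is sent to the database. After each append I would add `if (queryLen >= querySize) return 0;`, or whatever failure value the callers expect, since the contract is not visible in this hunk. The first `snprintf`, which sits between the two hunks, would need the same check.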