Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(server/player) sanitize player name & limit to 50 chars for db constraints #612

Closed
wants to merge 1 commit into from
Closed

fix(server/player) sanitize player name & limit to 50 chars for db constraints #612

wants to merge 1 commit into from

Conversation

blaaaak
Copy link

@blaaaak blaaaak commented Oct 27, 2024

fix(server/player) sanitize player name, limit to 50 chars for db constraints

Description

  • Fixes when players with super long names join and try to create a character, the name would be too long for the name column in the players table and cause errors.
  • Added basic string sanitization to remove any non A-Z 0-9 characters.

Added a

Checklist

  • I have personally loaded this code into an updated Qbox project and checked all of its functionality.
  • My pull request fits the contribution guidelines & code conventions.

mafewtm
mafewtm reviewed Oct 27, 2024
View reviewed changes
server/player.lua
@@ -425,7 +425,7 @@ function CheckPlayerData(source, playerData)
if source then
playerData.source = source
playerData.license = playerData.license or GetPlayerIdentifierByType(source --[[@as string]], 'license2') or GetPlayerIdentifierByType(source --[[@as string]], 'license')
playerData.name = GetPlayerName(source)
playerData.name = string.sub(GetPlayerName(source):gsub('[^%w%s]', ''), 1, 50)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The DB allows names to be 255 characters as its set to varchar(255). I don't think the player name should be touched what so ever in my opinion.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

image
Do I have an old version of the SQL, this was ran from the qbx_core resource, sets the "name" to 50.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do see this now, my apologies not entirely sure why the database set it to 50 for me.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nvm I missed this, the player table is altered to set 'name' to varchar(50)

https://github.com/Qbox-project/qbx_core/blob/main/qbx_core.sql#L24-L25

@blaaaak blaaaak closed this Oct 27, 2024
@mafewtm mafewtm mentioned this pull request Oct 27, 2024
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mafewtm mafewtm mafewtm left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@blaaaak @mafewtm