* Apply similar bounds checks on name and description fields on MSSQL UpdateAsset
parent
a3f4330c87
commit
b67c1f5086
|
@ -81,7 +81,6 @@ namespace OpenSim.Data.MSSQL
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
|
||||||
IniFile gridDataMSSqlFile = new IniFile("mssql_connection.ini");
|
IniFile gridDataMSSqlFile = new IniFile("mssql_connection.ini");
|
||||||
string settingDataSource = gridDataMSSqlFile.ParseFileReadValue("data_source");
|
string settingDataSource = gridDataMSSqlFile.ParseFileReadValue("data_source");
|
||||||
string settingInitialCatalog = gridDataMSSqlFile.ParseFileReadValue("initial_catalog");
|
string settingInitialCatalog = gridDataMSSqlFile.ParseFileReadValue("initial_catalog");
|
||||||
|
@ -159,24 +158,28 @@ namespace OpenSim.Data.MSSQL
|
||||||
{
|
{
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
string sql = @"INSERT INTO assets
|
string sql = @"INSERT INTO assets
|
||||||
([id], [name], [description], [assetType], [local],
|
([id], [name], [description], [assetType], [local],
|
||||||
[temporary], [create_time], [access_time], [data])
|
[temporary], [create_time], [access_time], [data])
|
||||||
VALUES
|
VALUES
|
||||||
(@id, @name, @description, @assetType, @local,
|
(@id, @name, @description, @assetType, @local,
|
||||||
@temporary, @create_time, @access_time, @data)";
|
@temporary, @create_time, @access_time, @data)";
|
||||||
string assetName = asset.Name;
|
|
||||||
|
string assetName = asset.Name;
|
||||||
if (asset.Name.Length > 64)
|
if (asset.Name.Length > 64)
|
||||||
{
|
{
|
||||||
assetName = asset.Name.Substring(0, 64);
|
assetName = asset.Name.Substring(0, 64);
|
||||||
m_log.Warn("[ASSET DB]: Name field truncated from " + asset.Name.Length.ToString() + " to " + assetName.Length.ToString() + " characters");
|
m_log.Warn("[ASSET DB]: Name field truncated from " + asset.Name.Length + " to " + assetName.Length + " characters on add");
|
||||||
}
|
}
|
||||||
|
|
||||||
string assetDescription = asset.Description;
|
string assetDescription = asset.Description;
|
||||||
if (asset.Description.Length > 64)
|
if (asset.Description.Length > 64)
|
||||||
{
|
{
|
||||||
assetDescription = asset.Description.Substring(0, 64);
|
assetDescription = asset.Description.Substring(0, 64);
|
||||||
m_log.Warn("[ASSET DB]: Description field truncated from " + asset.Description.Length.ToString() + " to " + assetDescription.Length.ToString() + " characters");
|
m_log.Warn("[ASSET DB]: Description field truncated from " + asset.Description.Length + " to " + assetDescription.Length + " characters on add");
|
||||||
}
|
}
|
||||||
|
|
||||||
using (AutoClosingSqlCommand command = m_database.Query(sql))
|
using (AutoClosingSqlCommand command = m_database.Query(sql))
|
||||||
{
|
{
|
||||||
int now = (int)((System.DateTime.Now.Ticks - m_ticksToEpoch) / 10000000);
|
int now = (int)((System.DateTime.Now.Ticks - m_ticksToEpoch) / 10000000);
|
||||||
|
@ -210,11 +213,26 @@ namespace OpenSim.Data.MSSQL
|
||||||
string sql = @"UPDATE assets set id = @id, name = @name, description = @description, assetType = @assetType,
|
string sql = @"UPDATE assets set id = @id, name = @name, description = @description, assetType = @assetType,
|
||||||
local = @local, temporary = @temporary, data = @data
|
local = @local, temporary = @temporary, data = @data
|
||||||
WHERE id = @keyId;";
|
WHERE id = @keyId;";
|
||||||
|
|
||||||
|
string assetName = asset.Name;
|
||||||
|
if (asset.Name.Length > 64)
|
||||||
|
{
|
||||||
|
assetName = asset.Name.Substring(0, 64);
|
||||||
|
m_log.Warn("[ASSET DB]: Name field truncated from " + asset.Name.Length + " to " + assetName.Length + " characters on update");
|
||||||
|
}
|
||||||
|
|
||||||
|
string assetDescription = asset.Description;
|
||||||
|
if (asset.Description.Length > 64)
|
||||||
|
{
|
||||||
|
assetDescription = asset.Description.Substring(0, 64);
|
||||||
|
m_log.Warn("[ASSET DB]: Description field truncated from " + asset.Description.Length + " to " + assetDescription.Length + " characters on update");
|
||||||
|
}
|
||||||
|
|
||||||
using (AutoClosingSqlCommand command = m_database.Query(sql))
|
using (AutoClosingSqlCommand command = m_database.Query(sql))
|
||||||
{
|
{
|
||||||
command.Parameters.Add(m_database.CreateParameter("id", asset.FullID));
|
command.Parameters.Add(m_database.CreateParameter("id", asset.FullID));
|
||||||
command.Parameters.Add(m_database.CreateParameter("name", asset.Name));
|
command.Parameters.Add(m_database.CreateParameter("name", assetName));
|
||||||
command.Parameters.Add(m_database.CreateParameter("description", asset.Description));
|
command.Parameters.Add(m_database.CreateParameter("description", assetDescription));
|
||||||
command.Parameters.Add(m_database.CreateParameter("assetType", asset.Type));
|
command.Parameters.Add(m_database.CreateParameter("assetType", asset.Type));
|
||||||
command.Parameters.Add(m_database.CreateParameter("local", asset.Local));
|
command.Parameters.Add(m_database.CreateParameter("local", asset.Local));
|
||||||
command.Parameters.Add(m_database.CreateParameter("temporary", asset.Temporary));
|
command.Parameters.Add(m_database.CreateParameter("temporary", asset.Temporary));
|
||||||
|
@ -279,6 +297,7 @@ namespace OpenSim.Data.MSSQL
|
||||||
string sql = @"SELECT (name,description,assetType,temporary,id), Row = ROW_NUMBER()
|
string sql = @"SELECT (name,description,assetType,temporary,id), Row = ROW_NUMBER()
|
||||||
OVER (ORDER BY (some column to order by))
|
OVER (ORDER BY (some column to order by))
|
||||||
WHERE Row >= @Start AND Row < @Start + @Count";
|
WHERE Row >= @Start AND Row < @Start + @Count";
|
||||||
|
|
||||||
using (AutoClosingSqlCommand command = m_database.Query(sql))
|
using (AutoClosingSqlCommand command = m_database.Query(sql))
|
||||||
{
|
{
|
||||||
command.Parameters.Add(m_database.CreateParameter("start", start));
|
command.Parameters.Add(m_database.CreateParameter("start", start));
|
||||||
|
|
Loading…
Reference in New Issue