From 4b3d11ccaba3af069e0e88d82a9403bec9f70a9c Mon Sep 17 00:00:00 2001 From: Luck Date: Sun, 29 Jul 2018 17:14:48 -0700 Subject: [PATCH] More SQL escaping (#1091 & #1126) Follows from c16630c32b5385173c22b937a55c1d0efe1c3620 --- .../luckperms/common/storage/dao/sql/SqlDao.java | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/common/src/main/java/me/lucko/luckperms/common/storage/dao/sql/SqlDao.java b/common/src/main/java/me/lucko/luckperms/common/storage/dao/sql/SqlDao.java index 6675e538a..0b9311098 100644 --- a/common/src/main/java/me/lucko/luckperms/common/storage/dao/sql/SqlDao.java +++ b/common/src/main/java/me/lucko/luckperms/common/storage/dao/sql/SqlDao.java @@ -102,12 +102,12 @@ public class SqlDao extends AbstractDao { private static final String GROUP_PERMISSIONS_INSERT = "INSERT INTO {prefix}group_permissions(name, permission, value, server, world, expiry, contexts) VALUES(?, ?, ?, ?, ?, ?, ?)"; private static final String GROUP_PERMISSIONS_SELECT_PERMISSION = "SELECT name, permission, value, server, world, expiry, contexts FROM {prefix}group_permissions WHERE "; - private static final String GROUP_SELECT_ALL = "SELECT name FROM {prefix}groups"; - private static final String MYSQL_GROUP_INSERT = "INSERT INTO {prefix}groups (name) VALUES(?) ON DUPLICATE KEY UPDATE name=name"; - private static final String H2_GROUP_INSERT = "MERGE INTO {prefix}groups (name) VALUES(?)"; - private static final String SQLITE_GROUP_INSERT = "INSERT OR IGNORE INTO {prefix}groups (name) VALUES(?)"; - private static final String POSTGRESQL_GROUP_INSERT = "INSERT INTO {prefix}groups (name) VALUES(?) ON CONFLICT (name) DO NOTHING"; - private static final String GROUP_DELETE = "DELETE FROM {prefix}groups WHERE name=?"; + private static final String GROUP_SELECT_ALL = "SELECT name FROM '{prefix}groups'"; + private static final String MYSQL_GROUP_INSERT = "INSERT INTO '{prefix}groups' (name) VALUES(?) ON DUPLICATE KEY UPDATE name=name"; + private static final String H2_GROUP_INSERT = "MERGE INTO '{prefix}groups' (name) VALUES(?)"; + private static final String SQLITE_GROUP_INSERT = "INSERT OR IGNORE INTO '{prefix}groups' (name) VALUES(?)"; + private static final String POSTGRESQL_GROUP_INSERT = "INSERT INTO '{prefix}groups' (name) VALUES(?) ON CONFLICT (name) DO NOTHING"; + private static final String GROUP_DELETE = "DELETE FROM '{prefix}groups' WHERE name=?"; private static final String TRACK_INSERT = "INSERT INTO {prefix}tracks (name, 'groups') VALUES(?, ?)"; private static final String TRACK_SELECT = "SELECT 'groups' FROM {prefix}tracks WHERE name=?";