From 535f5b8bde4d6042b63304a4ee78a83205814f9b Mon Sep 17 00:00:00 2001
From: kervala
Date: Tue, 18 Oct 2016 17:44:47 +0200
Subject: [PATCH] Fixed: Possible SQL injection, fixes #297
---
 code/ryzom/server/src/monitor_service/service_main.cpp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/code/ryzom/server/src/monitor_service/service_main.cpp b/code/ryzom/server/src/monitor_service/service_main.cpp
index bf092bbae..b74830665 100644
--- a/code/ryzom/server/src/monitor_service/service_main.cpp
+++ b/code/ryzom/server/src/monitor_service/service_main.cpp
@@ -379,8 +379,12 @@ void clientAuthentication(CMessage &msgin, TSockId from, CCallbackNetBase &netba
 {
 if (!Clients[i]->BadLogin) // don't allow new login attempt while thisflag is set
 {
+ // escape login
+ char esccapedLogin[100];
+ size_t len = mysql_real_escape_string(DatabaseConnection, esccapedLogin, login.c_str(), login.length());
+
 // make a db request to to db to see if password is valid
- std::string queryStr = toString("SELECT Password FROM user where Login='%s'", login.c_str());
+ std::string queryStr = toString("SELECT Password FROM user where Login='%s'", esccapedLogin);
 int result = mysql_query(DatabaseConnection, queryStr.c_str());
 if (result == 0)
 {
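Review bot: `char esccapedLogin[100]` is too small for what `mysql_real_escape_string` may write: the API requires a destination of at least `login.length() * 2 + 1` bytes, so a login longer than 49 bytes overruns this stack buffer, and `login` appears to be read from the client message before authentication succeeds. Size the buffer from the input instead, e.g. `std::string escapedLogin(login.length() * 2 + 1, '\0');`, pass `&escapedLogin[0]` to the escape call and `escapedLogin.c_str()` to `toString`, or reject over-long logins before this point. `len` is never used; the return value should be checked, since newer MySQL client libraries report failure as `(unsigned long)-1`. The body of `clientAuthentication` starts and ends outside the hunk, so any earlier length limit on `login` is not visible here.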