Mirror/Erupe
1
0
Fork 0
mirror of https://github.com/Mezeporta/Erupe.git synced 2026-03-26 17:43:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(usercheck): issues with strong passwords.

Browse Source
This commit is contained in:
Houmgaor
2025-11-24 01:17:01 +01:00
parent c03a59b65a
commit c2b51f267c
1 changed files with 21 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
tools/usercheck/db.go
View File

@@ -167,9 +167,10 @@ func connectDB(cfg *DBConfig) (*sql.DB, error) {
return nil, err return nil, err
} }
// Use single quotes around values to handle special characters in passwords
connStr := fmt.Sprintf( connStr := fmt.Sprintf(
"host=%s port=%d user=%s password=%s dbname=%s sslmode=disable", "host='%s' port='%d' user='%s' password='%s' dbname='%s' sslmode=disable",
cfg.Host, cfg.Port, cfg.User, cfg.Password, cfg.DBName, cfg.Host, cfg.Port, cfg.User, escapeConnStringValue(cfg.Password), cfg.DBName,
) )
db, err := sql.Open("postgres", connStr) db, err := sql.Open("postgres", connStr)
@@ -185,6 +186,24 @@ func connectDB(cfg *DBConfig) (*sql.DB, error) {
return db, nil return db, nil
} }
// escapeConnStringValue escapes single quotes in connection string values.
func escapeConnStringValue(s string) string {
// In PostgreSQL connection strings, single quotes inside quoted values
// must be escaped by doubling them
result := ""
for _, c := range s {
switch c {
case '\'':
result += "''"
case '\\':
result += "\\\\"
default:
result += string(c)
}
}
return result
}
// ConnectedUser represents a user currently connected to the server. // ConnectedUser represents a user currently connected to the server.
type ConnectedUser struct { type ConnectedUser struct {
CharID uint32 CharID uint32