-
Notifications
You must be signed in to change notification settings - Fork 38
Новые команды setallbalance и setbalance #257
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Про ранний выход и не слышал.
Content.Server/Administration/Commands/CorvaxSetBalanceCommand.cs
Outdated
Show resolved
Hide resolved
Content.Server/Administration/Commands/CorvaxSetBalanceCommand.cs
Outdated
Show resolved
Hide resolved
Content.Server/Administration/Commands/CorvaxSetBalanceCommand.cs
Outdated
Show resolved
Hide resolved
Content.Server/Administration/Commands/CorvaxSetBalanceCommand.cs
Outdated
Show resolved
Hide resolved
Content.Server/Administration/Commands/CorvaxSetBalanceCommand.cs
Outdated
Show resolved
Hide resolved
Content.Server/Administration/Commands/CorvaxSetBalanceCommand.cs
Outdated
Show resolved
Hide resolved
Content.Server/Administration/Commands/CorvaxSetBalanceCommand.cs
Outdated
Show resolved
Hide resolved
{ | ||
var loc = IoCManager.Resolve<ILocalizationManager>(); | ||
var set_balance = 0; | ||
int.TryParse(args[1], out set_balance); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Вот этот мусор сделает всем плохо.
await using var db = await GetDb(); | ||
await db.DbContext.Database.ExecuteSqlAsync($"""UPDATE profile SET bank_balance = {set_balance}"""); | ||
await db.DbContext.SaveChangesAsync(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
SQL инъекции привет передают
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
var parameters = new[]
{
new SqlParameter("@balance", setBalance),
};
await db.DbContext.Database.ExecuteSqlRawAsync(query, parameters);
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@JerryImMouse а ты видишь какие параметры передаются в функцию? Как ты строку в инт передашь?
Пусть висит в открытых, это на новый год. |
🙃 |
setallbalance и setbalance команды по заказу кмина
ДЛЯ РАБОТЫ КОМАНД НАДО ПЕРЕЗАГРУЗИТЬ СЕРВЕР ТАК КАК ОНИ МЕНЯЮТ ДАННЫЕ В БАЗЕ ДАННЫХ.
То есть можно засетать 0 даже тому кто сейчас не на сервере