So I've been migrating my server files to the new 1.0.4 and reviewing lots of code line by line and have noticed a few things that I think could be an issue for a lot of people going forward. The biggest thing I'm concerned with at the moment is how the new Virtual Garage system fetches and retrieves vehicles. I noticed that they added this new column "nickname" to the vehicle table and are using this to identify stored vehicles. However, this is a bad way to do this because the new nickname field is not unique in the database, and there is nothing in the serverside SQF code to prevent multiple vehicles with the same nickname being stored into the virtual garage. If someone stores multiple vehicles with the same nickname, then when they go to fetch the vehicle they will always get the first one in the table.
See below what I mean:
exile.ini: storeVehicle
UPDATE vehicle SET territory_id =?, nickname =?, last_updated_at = NOW()
exile.ini: retrieveVehicle
UPDATE vehicle SET territory_id = NULL, last_updated_at = NOW(), nickname ='' WHERE id =?
exile.ini: confirmVehicleOwnership
SELECT id, territory_id FROM vehicle WHERE nickname =?
line 33: _vehicleInfo = format["confirmVehicleOwnership:%1", _nickname] call ExileServer_system_database_query_selectSingle;
line 34:if!((_vehicleInfo select 1) isEqualTo _territoryID) then
line 35:{
line 36:throw"Vehicle does not belong to this territory!";
line 37:};...
line 64: format["retrieveVehicle:%1", _vehicleInfo select 0] call ExileServer_system_database_query_fireAndForget;
You can see the confirmVehicleOwnership fetches based on the non-unique 'nickname' column, and only does query_selectSingle so it's only going to get the first row returned, at best, or maybe even break completely if multiples rows are returned, not sure on this exactly.
But I really think someone should re-think this and do this in a different way, because this is guaranteed to cause problems for lots of people going forward. Also, it's a bit disappointing that the new virtual garage doesnt show what's in the stored vehicles inventories like the ExAd one does. Showing this somewhere would be nice.
I migrated from the old ExAd Virtual Garage and i'm having some issues fetching vehicles that I know I should be able to fetch, they have the correct territory_id and the database entry looks correct, but when I try to fetch them it says "Vehicle does not belong to this territory!" and I can't figure out why. I've commented out lines 34-37 in that retrieveVehicleRequest.sqf file for now, just to get around that issue, but I'm still troubleshooting other issues. Just thought I should post this to hopefully help some others out there who may be struggling.
Just my 2cents. Feel free to chime in with any ideas on how to fix this, or if I'm wrong and this will never be a problem for anyone please tell me how.
UPDATE 2018-03-12:
So I unpacked the exile clientside files and was looking through them and there IS something in the clientside SQF that checks for a unique vehicle "nickname". See below:
Line68: _storedVehicles = _flag getVariable ["ExileTerritoryStoredVehicles",[]];Line69: _count ={toLower(_x select 1) isEqualTo toLower(_nickName)} count _storedVehicles;Line70:if(_count >0) then
Line71:{Line72:throw format["'%1' is already in use by another vehicle.", _nickName];Line73:};
Although, I still think it would be better to have this check serverside, or do this a diff way maybe.
Edited by ]V[ȭngoʃïan Σagle ]-[unter Found new info in clientside files.
Hey,
So I've been migrating my server files to the new 1.0.4 and reviewing lots of code line by line and have noticed a few things that I think could be an issue for a lot of people going forward. The biggest thing I'm concerned with at the moment is how the new Virtual Garage system fetches and retrieves vehicles. I noticed that they added this new column "nickname" to the vehicle table and are using this to identify stored vehicles. However, this is a bad way to do this because the new nickname field is not unique in the database, and there is nothing in the serverside SQF code to prevent multiple vehicles with the same nickname being stored into the virtual garage. If someone stores multiple vehicles with the same nickname, then when they go to fetch the vehicle they will always get the first one in the table.
See below what I mean:
exile.ini: storeVehicle
exile.ini: retrieveVehicle
exile.ini: confirmVehicleOwnership
exile_server\code\ExileServer_object_vehicle_network_retrieveVehicleRequest.sqf
You can see the confirmVehicleOwnership fetches based on the non-unique 'nickname' column, and only does query_selectSingle so it's only going to get the first row returned, at best, or maybe even break completely if multiples rows are returned, not sure on this exactly.
But I really think someone should re-think this and do this in a different way, because this is guaranteed to cause problems for lots of people going forward. Also, it's a bit disappointing that the new virtual garage doesnt show what's in the stored vehicles inventories like the ExAd one does. Showing this somewhere would be nice.
I migrated from the old ExAd Virtual Garage and i'm having some issues fetching vehicles that I know I should be able to fetch, they have the correct territory_id and the database entry looks correct, but when I try to fetch them it says "Vehicle does not belong to this territory!" and I can't figure out why. I've commented out lines 34-37 in that retrieveVehicleRequest.sqf file for now, just to get around that issue, but I'm still troubleshooting other issues. Just thought I should post this to hopefully help some others out there who may be struggling.
Just my 2cents. Feel free to chime in with any ideas on how to fix this, or if I'm wrong and this will never be a problem for anyone please tell me how.
UPDATE 2018-03-12:
So I unpacked the exile clientside files and was looking through them and there IS something in the clientside SQF that checks for a unique vehicle "nickname". See below:
exile_client\code\ExileClient_gui_virtualGarageDialog_event_onConfirmButtonClicked.sqf:
Although, I still think it would be better to have this check serverside, or do this a diff way maybe.
Edited by ]V[ȭngoʃïan Σagle ]-[unterFound new info in clientside files.
Share this post
Link to post
Share on other sites