From d99f5072448a0606e5e65ed91d32f5f05886bcaa Mon Sep 17 00:00:00 2001
From: Gabriel Pedro <gpedro@users.noreply.github.com>
Date: Sat, 30 Jul 2022 16:47:44 -0400
Subject: [PATCH] fix: query blob param escape (#200)

---
 system/libs/CreateCharacter.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/system/libs/CreateCharacter.php b/system/libs/CreateCharacter.php
index e76b4716..2f1c227c 100644
--- a/system/libs/CreateCharacter.php
+++ b/system/libs/CreateCharacter.php
@@ -253,8 +253,10 @@ class CreateCharacter
 		}
 
 		$loaded_items_to_copy = $db->query("SELECT * FROM player_items WHERE player_id = ".$char_to_copy->getId()."");
-		foreach($loaded_items_to_copy as $save_item)
-			$db->query("INSERT INTO `player_items` (`player_id` ,`pid` ,`sid` ,`itemtype`, `count`, `attributes`) VALUES ('".$player->getId()."', '".$save_item['pid']."', '".$save_item['sid']."', '".$save_item['itemtype']."', '".$save_item['count']."', '".$save_item['attributes']."');");
+		foreach($loaded_items_to_copy as $save_item) {
+			$blob = addslashes($save_item['attribute']);
+			$db->query("INSERT INTO `player_items` (`player_id` ,`pid` ,`sid` ,`itemtype`, `count`, `attributes`) VALUES ('".$player->getId()."', '".$save_item['pid']."', '".$save_item['sid']."', '".$save_item['itemtype']."', '".$save_item['count']."', '{$blob}');");
+		}
 
 		global $twig;
 		$twig->display('success.html.twig', array(