Qdels queries, adds sleep safety checks, DBcore checks for leaks (#38363)

* Qdels all queries, adds sleep handling

* DB Core messages admins about undeleted queries

* Compile fixes. Adds missing set waitfor

* Remove world/New shennanigans. Add DBQuery/BlockingExecute()

* Less spammy notifications to admins about undeleted queries

* Increase dbcore fire time to 1 minute

* Upgrade undeleted query warning

* Better place of death

* Fix build

* Remove BlockingExecute, see BSQL PR for why

* Yep, missed that one.

* Psyche, that's the WRONG QUERY!!

code/__HELPERS/game.dm

@@ -433,7 +433,7 @@
 			if(!gametypeCheck.age_check(M.client))
 				continue
 		if(jobbanType)
-			if(jobban_isbanned(M, jobbanType) || jobban_isbanned(M, ROLE_SYNDICATE))
+			if(jobban_isbanned(M, jobbanType) || QDELETED(M) || jobban_isbanned(M, ROLE_SYNDICATE) || QDELETED(M))
 				continue
 
 		showCandidatePollWindow(M, poll_time, Question, result, ignore_category, time_passed, flashwindow)

code/__HELPERS/roundend.dm

@@ -525,6 +525,8 @@
 		return
 	var/datum/DBQuery/query_admin_rank_update = SSdbcore.NewQuery("UPDATE [format_table_name("player")] p INNER JOIN [format_table_name("admin")] a ON p.ckey = a.ckey SET p.lastadminrank = a.rank")
 	query_admin_rank_update.Execute()
+	qdel(query_admin_rank_update)
+
 	//json format backup file generation stored per server
 	var/json_file = file("data/admins_backup.json")
 	var/list/file_data = list("ranks" = list(), "admins" = list())

code/controllers/subsystem/blackbox.dm

@@ -24,6 +24,17 @@ SUBSYSTEM_DEF(blackbox)
 
 //poll population
 /datum/controller/subsystem/blackbox/fire()
+	set waitfor = FALSE	//for population query
+
+	CheckPlayerCount()
+
+	if(CONFIG_GET(flag/use_exp_tracking))
+		if((triggertime < 0) || (world.time > (triggertime +3000)))	//subsystem fires once at roundstart then once every 10 minutes. a 5 min check skips the first fire. The <0 is midnight rollover check
+			update_exp(10,FALSE)
+
+/datum/controller/subsystem/blackbox/proc/CheckPlayerCount()
+	set waitfor = FALSE
+
 	if(!SSdbcore.Connect())
 		return
 	var/playercount = 0
@@ -33,11 +44,7 @@ SUBSYSTEM_DEF(blackbox)
 	var/admincount = GLOB.admins.len
 	var/datum/DBQuery/query_record_playercount = SSdbcore.NewQuery("INSERT INTO [format_table_name("legacy_population")] (playercount, admincount, time, server_ip, server_port, round_id) VALUES ([playercount], [admincount], '[SQLtime()]', INET_ATON(IF('[world.internet_address]' LIKE '', '0', '[world.internet_address]')), '[world.port]', '[GLOB.round_id]')")
 	query_record_playercount.Execute()
-
+	qdel(query_record_playercount)
-	if(CONFIG_GET(flag/use_exp_tracking))
-		if((triggertime < 0) || (world.time > (triggertime +3000)))	//subsystem fires once at roundstart then once every 10 minutes. a 5 min check skips the first fire. The <0 is midnight rollover check
-			update_exp(10,FALSE)
-
 
 /datum/controller/subsystem/blackbox/Recover()
 	feedback = SSblackbox.feedback
@@ -255,6 +262,7 @@ Versioning
 	key_type = new_key_type
 
 /datum/controller/subsystem/blackbox/proc/ReportDeath(mob/living/L)
+	set waitfor = FALSE
 	if(sealed)
 		return
 	if(!L || !L.key || !L.mind)
@@ -267,28 +275,50 @@ Versioning
 		first_death["area"] = "[AREACOORD(L)]"
 		first_death["damage"] = "<font color='#FF5555'>[L.getBruteLoss()]</font>/<font color='orange'>[L.getFireLoss()]</font>/<font color='lightgreen'>[L.getToxLoss()]</font>/<font color='lightblue'>[L.getOxyLoss()]</font>/<font color='pink'>[L.getCloneLoss()]</font>"
 		first_death["last_words"] = L.last_words
+	var/sqlname = L.real_name
+	var/sqlkey = L.ckey
+	var/sqljob = L.mind.assigned_role
+	var/sqlspecial = L.mind.special_role
+	var/sqlpod = get_area_name(L, TRUE)
+	var/laname = L.lastattacker
+	var/lakey = L.lastattackerckey
+	var/sqlbrute = L.getBruteLoss()
+	var/sqlfire = L.getFireLoss()
+	var/sqlbrain = L.getBrainLoss()
+	var/sqloxy = L.getOxyLoss()
+	var/sqltox = L.getToxLoss()
+	var/sqlclone = L.getCloneLoss()
+	var/sqlstamina = L.getStaminaLoss()
+	var/x_coord = L.x
+	var/y_coord = L.y
+	var/z_coord = L.z
+	var/last_words = L.last_words
+	var/suicide = L.suiciding
+	var/map = SSmapping.config.map_name
+
 	if(!SSdbcore.Connect())
 		return
-	var/area/placeofdeath = get_area(L)
+	
-	var/sqlname = sanitizeSQL(L.real_name)
+	sqlname = sanitizeSQL(sqlname)
-	var/sqlkey = sanitizeSQL(L.ckey)
+	sqlkey = sanitizeSQL(sqlkey)
-	var/sqljob = sanitizeSQL(L.mind.assigned_role)
+	sqljob = sanitizeSQL(sqljob)
-	var/sqlspecial = sanitizeSQL(L.mind.special_role)
+	sqlspecial = sanitizeSQL(sqlspecial)
-	var/sqlpod = sanitizeSQL(placeofdeath.name)
+	sqlpod = sanitizeSQL(sqlpod)
-	var/laname = sanitizeSQL(L.lastattacker)
+	laname = sanitizeSQL(laname)
-	var/lakey = sanitizeSQL(L.lastattackerckey)
+	lakey = sanitizeSQL(lakey)
-	var/sqlbrute = sanitizeSQL(L.getBruteLoss())
+	sqlbrute = sanitizeSQL(sqlbrute)
-	var/sqlfire = sanitizeSQL(L.getFireLoss())
+	sqlfire = sanitizeSQL(sqlfire)
-	var/sqlbrain = sanitizeSQL(L.getBrainLoss())
+	sqlbrain = sanitizeSQL(sqlbrain)
-	var/sqloxy = sanitizeSQL(L.getOxyLoss())
+	sqloxy = sanitizeSQL(sqloxy)
-	var/sqltox = sanitizeSQL(L.getToxLoss())
+	sqltox = sanitizeSQL(sqltox)
-	var/sqlclone = sanitizeSQL(L.getCloneLoss())
+	sqlclone = sanitizeSQL(sqlclone)
-	var/sqlstamina = sanitizeSQL(L.getStaminaLoss())
+	sqlstamina = sanitizeSQL(sqlstamina)
-	var/x_coord = sanitizeSQL(L.x)
+	x_coord = sanitizeSQL(x_coord)
-	var/y_coord = sanitizeSQL(L.y)
+	y_coord = sanitizeSQL(y_coord)
-	var/z_coord = sanitizeSQL(L.z)
+	z_coord = sanitizeSQL(z_coord)
-	var/last_words = sanitizeSQL(L.last_words)
+	last_words = sanitizeSQL(last_words)
-	var/suicide = sanitizeSQL(L.suiciding)
+	suicide = sanitizeSQL(suicide)
-	var/map = sanitizeSQL(SSmapping.config.map_name)
+	map = sanitizeSQL(map)
 	var/datum/DBQuery/query_report_death = SSdbcore.NewQuery("INSERT INTO [format_table_name("death")] (pod, x_coord, y_coord, z_coord, mapname, server_ip, server_port, round_id, tod, job, special, name, byondkey, laname, lakey, bruteloss, fireloss, brainloss, oxyloss, toxloss, cloneloss, staminaloss, last_words, suicide) VALUES ('[sqlpod]', '[x_coord]', '[y_coord]', '[z_coord]', '[map]', INET_ATON(IF('[world.internet_address]' LIKE '', '0', '[world.internet_address]')), '[world.port]', [GLOB.round_id], '[SQLtime()]', '[sqljob]', '[sqlspecial]', '[sqlname]', '[sqlkey]', '[laname]', '[lakey]', [sqlbrute], [sqlfire], [sqlbrain], [sqloxy], [sqltox], [sqlclone], [sqlstamina], '[last_words]', [suicide])")
 	query_report_death.Execute()
+	qdel(query_report_death)

code/controllers/subsystem/dbcore.dm

@@ -1,6 +1,7 @@
 SUBSYSTEM_DEF(dbcore)
 	name = "Database"
-	flags = SS_NO_FIRE
+	flags = SS_BACKGROUND
+	wait = 1 MINUTES
 	init_order = INIT_ORDER_DBCORE
 	var/const/FAILED_DB_CONNECTION_CUTOFF = 5
 
@@ -25,6 +26,8 @@ SUBSYSTEM_DEF(dbcore)
 	var/_db_con// This variable contains a reference to the actual database connection.
 	var/failed_connections = 0
 
+	var/list/active_queries = list()
+
 /datum/controller/subsystem/dbcore/PreInit()
 	if(!_db_con)
 		_db_con = _dm_db_new_con()
@@ -40,6 +43,15 @@ SUBSYSTEM_DEF(dbcore)
 
 	return ..()
 
+/datum/controller/subsystem/dbcore/fire()
+	for(var/I in active_queries)
+		var/datum/DBQuery/Q = I
+		if(world.time - Q.last_activity_time > (5 MINUTES))
+			message_admins("Found undeleted query, please check the server logs and notify coders.")
+			log_sql("Undeleted query: \"[Q.sql]\" LA: [Q.last_activity] LAT: [Q.last_activity_time]")
+			qdel(Q)
+		if(MC_TICK_CHECK)
+			return
 
 /datum/controller/subsystem/dbcore/Recover()
 	_db_con = SSdbcore._db_con
@@ -49,12 +61,13 @@ SUBSYSTEM_DEF(dbcore)
 	if(SSdbcore.Connect())
 		var/datum/DBQuery/query_round_shutdown = SSdbcore.NewQuery("UPDATE [format_table_name("round")] SET shutdown_datetime = Now(), end_state = '[sanitizeSQL(SSticker.end_state)]' WHERE id = [GLOB.round_id]")
 		query_round_shutdown.Execute()
+		qdel(query_round_shutdown)
 	if(IsConnected())
 		Disconnect()
 
 //nu
 /datum/controller/subsystem/dbcore/can_vv_get(var_name)
-	return var_name != "_db_con" && ..()
+	return var_name != NAMEOF(src, _db_con) && var_name != NAMEOF(src, active_queries) && ..()
 
 /datum/controller/subsystem/dbcore/vv_edit_var(var_name, var_value)
 	if(var_name == "_db_con")
@@ -98,33 +111,38 @@ SUBSYSTEM_DEF(dbcore)
 			else
 				schema_mismatch = 2 //flag admin message about no schema version
 				log_sql("Could not get schema version from database")
+			qdel(query_db_version)
 		else
 			log_sql("Your server failed to establish a connection with the database.")
 	else
 		log_sql("Database is not enabled in configuration.")
 
 /datum/controller/subsystem/dbcore/proc/SetRoundID()
-	if(CONFIG_GET(flag/sql_enabled))
+	if(!Connect())
-		if(SSdbcore.Connect())
+		return
 	var/datum/DBQuery/query_round_initialize = SSdbcore.NewQuery("INSERT INTO [format_table_name("round")] (initialize_datetime, server_ip, server_port) VALUES (Now(), INET_ATON(IF('[world.internet_address]' LIKE '', '0', '[world.internet_address]')), '[world.port]')")
 	query_round_initialize.Execute()
+	qdel(query_round_initialize)
 	var/datum/DBQuery/query_round_last_id = SSdbcore.NewQuery("SELECT LAST_INSERT_ID()")
 	query_round_last_id.Execute()
 	if(query_round_last_id.NextRow())
 		GLOB.round_id = query_round_last_id.item[1]
+	qdel(query_round_last_id)
 
 /datum/controller/subsystem/dbcore/proc/SetRoundStart()
-	if(CONFIG_GET(flag/sql_enabled))
+	if(!Connect())
-		if(SSdbcore.Connect())
+		return
 	var/datum/DBQuery/query_round_start = SSdbcore.NewQuery("UPDATE [format_table_name("round")] SET start_datetime = Now() WHERE id = [GLOB.round_id]")
 	query_round_start.Execute()
+	qdel(query_round_start)
 
 /datum/controller/subsystem/dbcore/proc/SetRoundEnd()
-	if(CONFIG_GET(flag/sql_enabled))
+	if(!Connect())
-		if(SSdbcore.Connect())
+		return
 	var/sql_station_name = sanitizeSQL(station_name())
 	var/datum/DBQuery/query_round_end = SSdbcore.NewQuery("UPDATE [format_table_name("round")] SET end_datetime = Now(), game_mode_result = '[sanitizeSQL(SSticker.mode_result)]', station_name = '[sql_station_name]' WHERE id = [GLOB.round_id]")
 	query_round_end.Execute()
+	qdel(query_round_end)
 
 /datum/controller/subsystem/dbcore/proc/Disconnect()
 	failed_connections = 0
@@ -215,6 +233,7 @@ Delayed insert mode was removed in mysql 7 and only works with MyISAM type table
 		return Query.warn_execute()
 	else
 		return Query.Execute()
+	qdel(Query)
 
 
 /datum/DBQuery
@@ -223,11 +242,14 @@ Delayed insert mode was removed in mysql 7 and only works with MyISAM type table
 	var/list/columns //list of DB Columns populated by Columns()
 	var/list/conversions
 	var/list/item  //list of data values populated by NextRow()
-
+	var/last_activity
+	var/last_activity_time
 	var/datum/controller/subsystem/dbcore/db_connection
 	var/_db_query
 
 /datum/DBQuery/New(sql_query, datum/controller/subsystem/dbcore/connection_handler, cursor_handler)
+	SSdbcore.active_queries[src] = TRUE
+	Activity("Created")
 	if(sql_query)
 		sql = sql_query
 	if(connection_handler)
@@ -237,12 +259,22 @@ Delayed insert mode was removed in mysql 7 and only works with MyISAM type table
 	item = list()
 	_db_query = _dm_db_new_query()
 
+/datum/DBQuery/Destroy()
+	Close()
+	SSdbcore.active_queries -= src
+	return ..()
+
+/datum/DBQuery/proc/Activity(activity)
+	last_activity = activity
+	last_activity_time = world.time
+
 /datum/DBQuery/proc/warn_execute()
 	. = Execute()
 	if(!.)
 		to_chat(usr, "<span class='danger'>A SQL error occurred during this operation, check the server logs.</span>")
 
 /datum/DBQuery/proc/Execute(sql_query = sql, cursor_handler = default_cursor, log_error = TRUE)
+	Activity("Execute")
 	var/start_time
 	var/timeout = CONFIG_GET(number/query_debug_log_timeout)
 	if(timeout)
@@ -263,6 +295,7 @@ Delayed insert mode was removed in mysql 7 and only works with MyISAM type table
 	message_admins("HEY! A database query may have timed out. Did the server just hang? <a href='?_src_=holder;[HrefToken()];slowquery=yes'>\[YES\]</a>|<a href='?_src_=holder;[HrefToken()];slowquery=no'>\[NO\]</a>")
 
 /datum/DBQuery/proc/NextRow()
+	Activity("NextRow")
 	return _dm_db_next_row(_db_query,item,conversions)
 
 /datum/DBQuery/proc/RowsAffected()

code/controllers/subsystem/job.dm

@@ -85,7 +85,7 @@ SUBSYSTEM_DEF(job)
 		var/datum/job/job = GetJob(rank)
 		if(!job)
 			return FALSE
-		if(jobban_isbanned(player, rank))
+		if(jobban_isbanned(player, rank) || QDELETED(player))
 			return FALSE
 		if(!job.player_old_enough(player.client))
 			return FALSE
@@ -107,7 +107,7 @@ SUBSYSTEM_DEF(job)
 	Debug("Running FOC, Job: [job], Level: [level], Flag: [flag]")
 	var/list/candidates = list()
 	for(var/mob/dead/new_player/player in unassigned)
-		if(jobban_isbanned(player, job.title))
+		if(jobban_isbanned(player, job.title) || QDELETED(player))
 			Debug("FOC isbanned failed, Player: [player]")
 			continue
 		if(!job.player_old_enough(player.client))
@@ -145,7 +145,10 @@ SUBSYSTEM_DEF(job)
 		if(job.title in GLOB.command_positions) //If you want a command position, select it!
 			continue
 
-		if(jobban_isbanned(player, job.title))
+		if(jobban_isbanned(player, job.title) || QDELETED(player))
+			if(QDELETED(player))
+				Debug("GRJ isbanned failed, Player deleted")
+				break
 			Debug("GRJ isbanned failed, Player: [player], Job: [job.title]")
 			continue
 
@@ -321,6 +324,10 @@ SUBSYSTEM_DEF(job)
 					Debug("DO isbanned failed, Player: [player], Job:[job.title]")
 					continue
 
+				if(QDELETED(player))
+					Debug("DO player deleted during job ban check")
+					break
+
 				if(!job.player_old_enough(player.client))
 					Debug("DO player not old enough, Player: [player], Job:[job.title]")
 					continue
@@ -349,7 +356,7 @@ SUBSYSTEM_DEF(job)
 	for(var/mob/dead/new_player/player in unassigned)
 		if(PopcapReached())
 			RejectPlayer(player)
-		else if(jobban_isbanned(player, SSjob.overflow_role))
+		else if(jobban_isbanned(player, SSjob.overflow_role) || QDELETED(player))
 			GiveRandomJob(player) //you get to roll for random before everyone else just to be sure you don't get overflow. you're so speshul
 
 	for(var/mob/dead/new_player/player in unassigned)
@@ -489,7 +496,7 @@ SUBSYSTEM_DEF(job)
 		for(var/mob/dead/new_player/player in GLOB.player_list)
 			if(!(player.ready == PLAYER_READY_TO_PLAY && player.mind && !player.mind.assigned_role))
 				continue //This player is not ready
-			if(jobban_isbanned(player, job.title))
+			if(jobban_isbanned(player, job.title) || QDELETED(player))
 				banned++
 				continue
 			if(!job.player_old_enough(player.client))

code/controllers/subsystem/mapping.dm

@@ -219,6 +219,7 @@ SUBSYSTEM_DEF(mapping)
 	if(SSdbcore.Connect())
 		var/datum/DBQuery/query_round_map_name = SSdbcore.NewQuery("UPDATE [format_table_name("round")] SET map_name = '[config.map_name]' WHERE id = [GLOB.round_id]")
 		query_round_map_name.Execute()
+		qdel(query_round_map_name)
 
 #ifndef LOWMEMORYMODE
 	// TODO: remove this when the DB is prepared for the z-levels getting reordered

code/datums/diseases/transformation.dm

@@ -50,8 +50,11 @@
 		if(stage5)
 			to_chat(affected_mob, pick(stage5))
 		if(jobban_isbanned(affected_mob, new_form))
+			if(!QDELETED(affected_mob))
 				affected_mob.death(1)
 			return
+		if(QDELETED(affected_mob))
+			return
 		if(affected_mob.notransform)
 			return
 		affected_mob.notransform = 1

code/game/gamemodes/changeling/changeling.dm

@@ -82,7 +82,7 @@ GLOBAL_VAR(changeling_team_objective_type) //If this is not null, we hand our th
 		return
 	if(changelings.len <= (changelingcap - 2) || prob(100 - (csc * 2)))
 		if(ROLE_CHANGELING in character.client.prefs.be_special)
-			if(!jobban_isbanned(character, ROLE_CHANGELING) && !jobban_isbanned(character, ROLE_SYNDICATE))
+			if(!jobban_isbanned(character, ROLE_CHANGELING) && !QDELETED(character) && !jobban_isbanned(character, ROLE_SYNDICATE) && !QDELETED(character))
 				if(age_check(character.client))
 					if(!(character.job in restricted_jobs))
 						character.mind.make_Changling()

code/game/gamemodes/changeling/traitor_chan.dm

@@ -69,11 +69,13 @@
 		return
 	if(changelings.len <= (changelingcap - 2) || prob(100 / (csc * 4)))
 		if(ROLE_CHANGELING in character.client.prefs.be_special)
-			if(!jobban_isbanned(character, ROLE_CHANGELING) && !jobban_isbanned(character, ROLE_SYNDICATE))
+			if(!jobban_isbanned(character, ROLE_CHANGELING) && !QDELETED(character) && !jobban_isbanned(character, ROLE_SYNDICATE) && !QDELETED(character))
 				if(age_check(character.client))
 					if(!(character.job in restricted_jobs))
 						character.mind.make_Changling()
 						changelings += character.mind
+	if(QDELETED(character))
+		return
 	..()
 
 /datum/game_mode/traitor/changeling/generate_report()

code/game/gamemodes/game_mode.dm

@@ -93,6 +93,7 @@
 		if(sql)
 			var/datum/DBQuery/query_round_game_mode = SSdbcore.NewQuery("UPDATE [format_table_name("round")] SET [sql] WHERE id = [GLOB.round_id]")
 			query_round_game_mode.Execute()
+			qdel(query_round_game_mode)
 	if(report)
 		addtimer(CALLBACK(src, .proc/send_intercept, 0), rand(waittime_l, waittime_h))
 	generate_station_goals()
@@ -359,8 +360,13 @@
 
 	for(var/mob/dead/new_player/player in players)
 		if(player.client && player.ready == PLAYER_READY_TO_PLAY)
+<<<<<<< HEAD
 			if(role in player.client.prefs.be_special ) //&& !(player.mind.quiet_round)) // yogs - Donor features, quiet round
 				if(!jobban_isbanned(player, ROLE_SYNDICATE) && !jobban_isbanned(player, role)) //Nodrak/Carn: Antag Job-bans
+=======
+			if(role in player.client.prefs.be_special)
+				if(!jobban_isbanned(player, ROLE_SYNDICATE) && !QDELETED(player) && !jobban_isbanned(player, role) && !QDELETED(player)) //Nodrak/Carn: Antag Job-bans
+>>>>>>> cf7e8aa9ec... Qdels queries, adds sleep safety checks, DBcore checks for leaks (#38363)
 					if(age_check(player.client)) //Must be older than the minimum age
 						candidates += player.mind				// Get a list of all the people who want to be the antagonist for this round
 
@@ -374,7 +380,7 @@
 		for(var/mob/dead/new_player/player in players)
 			if(player.client && player.ready == PLAYER_READY_TO_PLAY)
 				if(!(role in player.client.prefs.be_special)) // We don't have enough people who want to be antagonist, make a separate list of people who don't want to be one
-					if(!jobban_isbanned(player, ROLE_SYNDICATE) && !jobban_isbanned(player, role)) //Nodrak/Carn: Antag Job-bans
+					if(!jobban_isbanned(player, ROLE_SYNDICATE) && !QDELETED(player)  && !jobban_isbanned(player, role) && !QDELETED(player) ) //Nodrak/Carn: Antag Job-bans
 						drafted += player.mind
 						/* yogs start - Donor features, quiet round
 						if(player.mind.quiet_round)

code/game/gamemodes/traitor/traitor.dm

@@ -79,7 +79,7 @@
 		return
 	if((SSticker.mode.traitors.len + pre_traitors.len) <= (traitorcap - 2) || prob(100 / (tsc * 2)))
 		if(ROLE_TRAITOR in character.client.prefs.be_special)
-			if(!jobban_isbanned(character, ROLE_TRAITOR) && !jobban_isbanned(character, ROLE_SYNDICATE))
+			if(!jobban_isbanned(character, ROLE_TRAITOR) && !QDELETED(character) && !jobban_isbanned(character, ROLE_SYNDICATE) && !QDELETED(character))
 				if(age_check(character.client))
 					if(!(character.job in restricted_jobs))
 						add_latejoin_traitor(character.mind)

code/game/objects/items/robot/robot_parts.dm

@@ -181,7 +181,8 @@
 				to_chat(user, "<span class='warning'>Sticking a dead brain into the frame would sort of defeat the purpose!</span>")
 				return
 
-			if(jobban_isbanned(BM, "Cyborg"))
+			if(jobban_isbanned(BM, "Cyborg") || QDELETED(src) || QDELETED(BM) || QDELETED(user) || QDELETED(M) || !Adjacent(user))
+				if(!QDELETED(M))
 					to_chat(user, "<span class='warning'>This [M.name] does not seem to fit!</span>")
 				return
 

code/game/objects/structures/ai_core.dm

@@ -184,7 +184,8 @@
 						to_chat(user, "<span class='warning'>Sticking an inactive [M.name] into the frame would sort of defeat the purpose.</span>")
 						return
 
-					if(!CONFIG_GET(flag/allow_ai) || jobban_isbanned(M.brainmob, "AI"))
+					if(!CONFIG_GET(flag/allow_ai) || (jobban_isbanned(M.brainmob, "AI") && !QDELETED(src) && !QDELETED(user) && !QDELETED(M) && !QDELETED(user) && Adjacent(user)))
+						if(!QDELETED(M))
 							to_chat(user, "<span class='warning'>This [M.name] does not seem to fit!</span>")
 						return
 

code/modules/admin/DB_ban/functions.dm

@@ -75,11 +75,19 @@
 		computerid = bancid
 		ip = banip
 	
+	var/had_banned_mob = banned_mob != null
+	var/client/banned_client = banned_mob?.client
+	var/banned_mob_guest_key = had_banned_mob && IsGuestKey(banned_mob.key)
+	banned_mob = null
+
 	var/datum/DBQuery/query_add_ban_get_ckey = SSdbcore.NewQuery("SELECT ckey FROM [format_table_name("player")] WHERE ckey = '[ckey]'")
 	if(!query_add_ban_get_ckey.warn_execute())
+		qdel(query_add_ban_get_ckey)
 		return
-	if(!query_add_ban_get_ckey.NextRow())
+	var/seen_before = query_add_ban_get_ckey.NextRow()
-		if(!banned_mob || (banned_mob && !IsGuestKey(banned_mob.key)))
+	qdel(query_add_ban_get_ckey)
+	if(!seen_before)
+		if(!had_banned_mob || (had_banned_mob && !banned_mob_guest_key))
 			if(alert(usr, "[ckey] has not been seen before, are you sure you want to create a ban for them?", "Unknown ckey", "Yes", "No", "Cancel") != "Yes")
 				return
 
@@ -116,6 +124,7 @@
 	if(maxadminbancheck)
 		var/datum/DBQuery/query_check_adminban_amt = SSdbcore.NewQuery("SELECT count(id) AS num FROM [format_table_name("ban")] WHERE (a_ckey = '[a_ckey]') AND (bantype = 'ADMIN_PERMABAN'  OR (bantype = 'ADMIN_TEMPBAN' AND expiration_time > Now())) AND (isnull(unbanned) OR unbanned = 0)") // yogs - Yog Bans
 		if(!query_check_adminban_amt.warn_execute())
+			qdel(query_check_adminban_amt)
 			return
 		if(query_check_adminban_amt.NextRow())
 			var/adm_bans = text2num(query_check_adminban_amt.item[1])
@@ -124,7 +133,9 @@
 				max_bans = MAX_ADMIN_BANS_PER_HEADMIN
 			if(adm_bans >= max_bans)
 				to_chat(usr, "<span class='danger'>You already logged [max_bans] admin ban(s) or more. Do not abuse this function!</span>")
+				qdel(query_check_adminban_amt)
 				return
+		qdel(query_check_adminban_amt)
 	if(!computerid)
 		computerid = "0"
 	if(!ip)
@@ -132,7 +143,9 @@
 	var/sql = "INSERT INTO [format_table_name("ban")] (`bantime`,`server_ip`,`server_port`,`round_id`,`bantype`,`reason`,`job`,`duration`,`expiration_time`,`ckey`,`computerid`,`ip`,`a_ckey`,`a_computerid`,`a_ip`,`who`,`adminwho`) VALUES (Now(), INET_ATON(IF('[world.internet_address]' LIKE '', '0', '[world.internet_address]')), '[world.port]', '[GLOB.round_id]', '[bantype_str]', '[reason]', '[job]', [(duration)?"[duration]":"0"], Now() + INTERVAL [(duration>0) ? duration : 0] MINUTE, '[ckey]', '[computerid]', INET_ATON('[ip]'), '[a_ckey]', '[a_computerid]', INET_ATON('[a_ip]'), '[who]', '[adminwho]')"
 	var/datum/DBQuery/query_add_ban = SSdbcore.NewQuery(sql)
 	if(!query_add_ban.warn_execute())
+		qdel(query_add_ban)
 		return
+	qdel(query_add_ban)
 	to_chat(usr, "<span class='adminnotice'>Ban saved to database.</span>")
 	var/msg = "[key_name(usr)] has added a [bantype_str] for [ckey] [(job)?"([job])":""] [(duration > 0)?"([duration] minutes)":""] with the reason: \"[reason]\" to the ban database." // yogs - Yog Tickets
 	message_admins(msg,1)
@@ -144,8 +157,8 @@
 	if(kickbannedckey)
 		if(AH)
 			AH.Resolve()	//with prejudice
-		if(banned_mob && banned_mob.client && banned_mob.client.ckey == banckey)
+		if(banned_client && banned_client.ckey == banckey)
-			qdel(banned_mob.client)
+			qdel(banned_client)
 	return 1
 
 /datum/admins/proc/DB_ban_unban(ckey, bantype, job = "")
@@ -204,10 +217,12 @@
 
 	var/datum/DBQuery/query_unban_get_id = SSdbcore.NewQuery(sql)
 	if(!query_unban_get_id.warn_execute())
+		qdel(query_unban_get_id)
 		return
 	while(query_unban_get_id.NextRow())
 		ban_id = query_unban_get_id.item[1]
 		ban_number++;
+	qdel(query_unban_get_id)
 
 	if(ban_number == 0)
 		to_chat(usr, "<span class='danger'>Database update failed due to no bans fitting the search criteria. If this is not a legacy ban you should contact the database admin.</span>")
@@ -236,6 +251,7 @@
 
 	var/datum/DBQuery/query_edit_ban_get_details = SSdbcore.NewQuery("SELECT ckey, duration, reason FROM [format_table_name("ban")] WHERE id = [banid]")
 	if(!query_edit_ban_get_details.warn_execute())
+		qdel(query_edit_ban_get_details)
 		return
 
 	var/eckey = usr.ckey	//Editing admin ckey
@@ -249,7 +265,9 @@
 		reason = query_edit_ban_get_details.item[3]
 	else
 		to_chat(usr, "Invalid ban id. Contact the database admin")
+		qdel(query_edit_ban_get_details)
 		return
+	qdel(query_edit_ban_get_details)
 
 	reason = sanitizeSQL(reason)
 	var/value
@@ -265,7 +283,9 @@
 
 			var/datum/DBQuery/query_edit_ban_reason = SSdbcore.NewQuery("UPDATE [format_table_name("ban")] SET reason = '[value]', edits = CONCAT(edits,'- [eckey] changed ban reason from <cite><b>\\\"[reason]\\\"</b></cite> to <cite><b>\\\"[value]\\\"</b></cite><BR>') WHERE id = [banid]")
 			if(!query_edit_ban_reason.warn_execute())
+				qdel(query_edit_ban_reason)
 				return
+			qdel(query_edit_ban_reason)
 			message_admins("[key_name_admin(usr)] has edited a ban for [pckey]'s reason from [reason] to [value]")
 		if("duration")
 			if(!value)
@@ -276,7 +296,9 @@
 
 			var/datum/DBQuery/query_edit_ban_duration = SSdbcore.NewQuery("UPDATE [format_table_name("ban")] SET duration = [value], edits = CONCAT(edits,'- [eckey] changed ban duration from [duration] to [value]<br>'), expiration_time = DATE_ADD(bantime, INTERVAL [value] MINUTE) WHERE id = [banid]")
 			if(!query_edit_ban_duration.warn_execute())
+				qdel(query_edit_ban_duration)
 				return
+			qdel(query_edit_ban_duration)
 			message_admins("[key_name_admin(usr)] has edited a ban for [pckey]'s duration from [duration] to [value]")
 		if("unban")
 			if(alert("Unban [pckey]?", "Unban?", "Yes", "No") == "Yes")
@@ -304,10 +326,12 @@
 	var/pckey
 	var/datum/DBQuery/query_unban_get_ckey = SSdbcore.NewQuery(sql)
 	if(!query_unban_get_ckey.warn_execute())
+		qdel(query_unban_get_ckey)
 		return
 	while(query_unban_get_ckey.NextRow())
 		pckey = query_unban_get_ckey.item[1]
 		ban_number++;
+	qdel(query_unban_get_ckey)
 
 	if(ban_number == 0)
 		to_chat(usr, "<span class='danger'>Database update failed due to a ban id not being present in the database.</span>")
@@ -327,7 +351,9 @@
 	var/sql_update = "UPDATE [format_table_name("ban")] SET unbanned = 1, unbanned_datetime = Now(), unbanned_ckey = '[unban_ckey]', unbanned_computerid = '[unban_computerid]', unbanned_ip = INET_ATON('[unban_ip]') WHERE id = [id]"
 	var/datum/DBQuery/query_unban = SSdbcore.NewQuery(sql_update)
 	if(!query_unban.warn_execute())
+		qdel(query_unban)
 		return
+	qdel(query_unban)
 	message_admins("[key_name_admin(usr)] has lifted [pckey]'s ban.")
 
 /client/proc/DB_ban_panel()
@@ -422,9 +448,11 @@
 		page = text2num(page)
 		var/datum/DBQuery/query_count_bans = SSdbcore.NewQuery("SELECT COUNT(id) FROM [format_table_name("ban")] WHERE [search]")
 		if(!query_count_bans.warn_execute())
+			qdel(query_count_bans)
 			return
 		if(query_count_bans.NextRow())
 			bancount = text2num(query_count_bans.item[1])
+		qdel(query_count_bans)
 		if(bancount > bansperpage)
 			output += "<br><b>Page: </b>"
 			while(bancount > 0)
@@ -448,6 +476,7 @@
 		var/limit = " LIMIT [bansperpage * page], [bansperpage]"
 		var/datum/DBQuery/query_search_bans = SSdbcore.NewQuery("SELECT id, bantime, bantype, reason, job, duration, expiration_time, ckey, a_ckey, unbanned, unbanned_ckey, unbanned_datetime, edits, round_id FROM [format_table_name("ban")] WHERE [search] ORDER BY bantime DESC[limit]")
 		if(!query_search_bans.warn_execute())
+			qdel(query_search_bans)
 			return
 
 		while(query_search_bans.NextRow())
@@ -511,7 +540,7 @@
 			output += "<tr>"
 			output += "<td colspan='5' bgcolor='white'>&nbsp</td>"
 			output += "</tr>"
-
+		qdel(query_search_bans)
 		output += "</table></div>"
 
 	usr << browse(output,"window=lookupbans;size=900x500")

code/modules/admin/IsBanned.dm

@@ -80,6 +80,7 @@
 
 		var/datum/DBQuery/query_ban_check = SSdbcore.NewQuery("SELECT ckey, a_ckey, reason, expiration_time, duration, bantime, bantype, id, round_id FROM [format_table_name("ban")] WHERE (ckey = '[ckeytext]' [ipquery] [cidquery]) AND (bantype = 'PERMABAN' OR bantype = 'ADMIN_PERMABAN' OR ((bantype = 'TEMPBAN' OR bantype = 'ADMIN_TEMPBAN') AND expiration_time > Now())) AND (isnull(unbanned) OR unbanned = 0)") // yogs - Yog Bans
 		if(!query_ban_check.Execute())
+			qdel(query_ban_check)
 			return
 		while(query_ban_check.NextRow())
 			var/pckey = query_ban_check.item[1]
@@ -117,7 +118,9 @@
 
 
 			log_access("Failed Login: [key] [computer_id] [address] - Banned (#[banid]) [.["reason"]]")
+			qdel(query_ban_check)
 			return .
+		qdel(query_ban_check)
 
 	var/list/ban = ..()	//default pager ban stuff
 	if (ban)

code/modules/admin/admin.dm

@@ -77,14 +77,19 @@
 	body += "<A href='?_src_=holder;[HrefToken()];newban=[REF(M)]'>Ban</A> | "
 	body += "<A href='?_src_=holder;[HrefToken()];jobban2=[REF(M)]'>Jobban</A> | "
 	body += "<A href='?_src_=holder;[HrefToken()];appearanceban=[REF(M)]'>Identity Ban</A> | "
+	var/rm = REF(M)
 	if(jobban_isbanned(M, "OOC"))
-		body+= "<A href='?_src_=holder;[HrefToken()];jobban3=OOC;jobban4=[REF(M)]'><font color=red>OOCBan</font></A> | "
+		body+= "<A href='?_src_=holder;[HrefToken()];jobban3=OOC;jobban4=[rm]'><font color=red>OOCBan</font></A> | "
 	else
-		body+= "<A href='?_src_=holder;[HrefToken()];jobban3=OOC;jobban4=[REF(M)]'>OOCBan</A> | "
+		body+= "<A href='?_src_=holder;[HrefToken()];jobban3=OOC;jobban4=[rm]'>OOCBan</A> | "
+	if(QDELETED(M) || QDELETED(usr))
+		return
 	if(jobban_isbanned(M, "emote"))
-		body+= "<A href='?_src_=holder;[HrefToken()];jobban3=emote;jobban4=[REF(M)]'><font color=red>EmoteBan</font></A> | "
+		body+= "<A href='?_src_=holder;[HrefToken()];jobban3=emote;jobban4=[rm]'><font color=red>EmoteBan</font></A> | "
 	else
-		body+= "<A href='?_src_=holder;[HrefToken()];jobban3=emote;jobban4=[REF(M)]'>Emoteban</A> | "
+		body+= "<A href='?_src_=holder;[HrefToken()];jobban3=emote;jobban4=[rm]'>Emoteban</A> | "
+	if(QDELETED(M) || QDELETED(usr))
+		return
 
 	body += "<A href='?_src_=holder;[HrefToken()];showmessageckey=[M.ckey]'>Notes | Messages | Watchlist</A> | "
 	if(M.client)

code/modules/admin/admin_ranks.dm

@@ -146,7 +146,7 @@ GLOBAL_PROTECT(protected_ranks)
 					var/sql_exclude_flags = sanitizeSQL(R.exclude_rights)
 					var/sql_can_edit_flags = sanitizeSQL(R.can_edit_rights)
 					sql_ranks += list(list("rank" = "'[sql_rank]'", "flags" = "[sql_flags]", "exclude_flags" = "[sql_exclude_flags]", "can_edit_flags" = "[sql_can_edit_flags]"))
-				SSdbcore.MassInsert(format_table_name("admin_ranks"), sql_ranks, duplicate_key = TRUE)
+				SSdbcore.MassInsert(format_table_name("admin_ranks"), sql_ranks, duplicate_key = TRUE, blocking = TRUE)
 		else
 			var/datum/DBQuery/query_load_admin_ranks = SSdbcore.NewQuery("SELECT rank, flags, exclude_flags, can_edit_flags FROM [format_table_name("admin_ranks")]")
 			if(!query_load_admin_ranks.Execute())
@@ -169,6 +169,7 @@ GLOBAL_PROTECT(protected_ranks)
 						if(!R)
 							continue
 						GLOB.admin_ranks += R
+			qdel(query_load_admin_ranks)
 	//load ranks from backup file
 	if(dbfail)
 		var/backup_file = file("data/admins_backup.json")
@@ -247,6 +248,7 @@ GLOBAL_PROTECT(protected_ranks)
 					skip = 1
 				if(!skip)
 					new /datum/admins(rank_names[admin_rank], admin_ckey)
+		qdel(query_load_admins)
 	//load admins from backup file
 	if(dbfail)
 		var/backup_file = file("data/admins_backup.json")

code/modules/admin/banjob.dm

@@ -6,11 +6,13 @@
 	if(!M.client) //no cache. fallback to a datum/DBQuery
 		var/datum/DBQuery/query_jobban_check_ban = SSdbcore.NewQuery("SELECT reason FROM [format_table_name("ban")] WHERE ckey = '[sanitizeSQL(M.ckey)]' AND (bantype = 'JOB_PERMABAN'  OR (bantype = 'JOB_TEMPBAN' AND expiration_time > Now())) AND (isnull(unbanned) OR unbanned = 0) AND job = '[sanitizeSQL(rank)]'") // yogs - Yog Bans
 		if(!query_jobban_check_ban.warn_execute())
+			qdel(query_jobban_check_ban)
 			return
 		if(query_jobban_check_ban.NextRow())
 			var/reason = query_jobban_check_ban.item[1]
+			qdel(query_jobban_check_ban)
 			return reason ? reason : TRUE //we don't want to return "" if there is no ban reason, as that would evaluate to false
-		else
+		qdel(query_jobban_check_ban)
 		return FALSE
 
 	if(!M.client.jobbancache)
@@ -31,6 +33,7 @@
 			return
 		while(query_jobban_build_cache.NextRow())
 			C.jobbancache[query_jobban_build_cache.item[1]] = query_jobban_build_cache.item[2]
+		qdel(query_jobban_build_cache)
 
 /proc/ban_unban_log_save(var/formatted_log)
 	text2file(formatted_log,"data/ban_unban_log.txt")

code/modules/admin/chat_commands.dm

@@ -110,6 +110,10 @@ GLOBAL_LIST(round_end_notifiees)
 	admin_only = TRUE
 
 /datum/tgs_chat_command/reload_admins/Run(datum/tgs_chat_user/sender, params)
-	load_admins()
+	ReloadAsync()
 	log_admin("[sender.friendly_name] reloaded admins via chat command.")
 	return "Admins reloaded."
+
+/datum/tgs_chat_command/reload_admins/proc/ReloadAsync()
+	set waitfor = FALSE
+	load_admins()

code/modules/admin/create_poll.dm

@@ -36,7 +36,8 @@
 		return
 	endtime = sanitizeSQL(endtime)
 	var/datum/DBQuery/query_validate_time = SSdbcore.NewQuery("SELECT IF(STR_TO_DATE('[endtime]','%Y-%c-%d %T') > NOW(), STR_TO_DATE('[endtime]','%Y-%c-%d %T'), 0)")
-	if(!query_validate_time.warn_execute())
+	if(!query_validate_time.warn_execute() || QDELETED(usr) || !src)
+		qdel(query_validate_time)
 		return
 	if(query_validate_time.NextRow())
 		var/checktime = text2num(query_validate_time.item[1])
@@ -44,6 +45,7 @@
 			to_chat(src, "Datetime entered is improperly formatted or not later than current server time.")
 			return
 		endtime = query_validate_time.item[1]
+	qdel(query_validate_time)
 	var/adminonly
 	switch(alert("Admin only poll?",,"Yes","No","Cancel"))
 		if("Yes")
@@ -124,18 +126,24 @@
 					add_option = 0
 				else
 					return 0
+	var/m1 = "[key_name(usr)] has created a new server poll. Poll type: [polltype] - Admin Only: [adminonly ? "Yes" : "No"] - Question: [question]"
+	var/m2 = "[key_name_admin(usr)] has created a new server poll. Poll type: [polltype] - Admin Only: [adminonly ? "Yes" : "No"]<br>Question: [question]"
 	var/datum/DBQuery/query_polladd_question = SSdbcore.NewQuery("INSERT INTO [format_table_name("poll_question")] (polltype, starttime, endtime, question, adminonly, multiplechoiceoptions, createdby_ckey, createdby_ip, dontshow) VALUES ('[polltype]', '[starttime]', '[endtime]', '[question]', '[adminonly]', '[choice_amount]', '[sql_ckey]', INET_ATON('[address]'), '[dontshow]')")
 	if(!query_polladd_question.warn_execute())
+		qdel(query_polladd_question)
 		return
+	qdel(query_polladd_question)
 	if(polltype != POLLTYPE_TEXT)
 		var/pollid = 0
 		var/datum/DBQuery/query_get_id = SSdbcore.NewQuery("SELECT LAST_INSERT_ID()")
 		if(!query_get_id.warn_execute())
+			qdel(query_get_id)
 			return
 		if(query_get_id.NextRow())
 			pollid = query_get_id.item[1]
+		qdel(query_get_id)
 		for(var/list/i in sql_option_list)
 			i |= list("pollid" = "'[pollid]'")
 		SSdbcore.MassInsert(format_table_name("poll_option"), sql_option_list, warn = 1)
-	log_admin("[key_name(usr)] has created a new server poll. Poll type: [polltype] - Admin Only: [adminonly ? "Yes" : "No"] - Question: [question]")
+	log_admin(m1)
-	message_admins("[key_name_admin(usr)] has created a new server poll. Poll type: [polltype] - Admin Only: [adminonly ? "Yes" : "No"]<br>Question: [question]")
+	message_admins(m2)

code/modules/admin/ipintel.dm

@@ -51,6 +51,7 @@
 					))
 				"})
 			if(!query_get_ip_intel.Execute())
+				qdel(query_get_ip_intel)
 				return
 			if (query_get_ip_intel.NextRow())
 				res.cache = TRUE
@@ -59,14 +60,16 @@
 				res.cacheminutesago = text2num(query_get_ip_intel.item[3])
 				res.cacherealtime = world.realtime - (text2num(query_get_ip_intel.item[3])*10*60)
 				SSipintel.cache[ip] = res
+				qdel(query_get_ip_intel)
 				return
+			qdel(query_get_ip_intel)
 	res.intel = ip_intel_query(ip)
 	if (updatecache && res.intel >= 0)
 		SSipintel.cache[ip] = res
 		if(SSdbcore.Connect())
 			var/datum/DBQuery/query_add_ip_intel = SSdbcore.NewQuery("INSERT INTO [format_table_name("ipintel")] (ip, intel) VALUES (INET_ATON('[ip]'), [res.intel]) ON DUPLICATE KEY UPDATE intel = VALUES(intel), date = NOW()")
 			query_add_ip_intel.Execute()
-
+			qdel(query_add_ip_intel)
 
 
 /proc/ip_intel_query(ip, var/retryed=0)

code/modules/admin/permissionedit.dm

@@ -31,9 +31,11 @@
 		page = text2num(page)
 		var/datum/DBQuery/query_count_admin_logs = SSdbcore.NewQuery("SELECT COUNT(id) FROM [format_table_name("admin_log")][search]")
 		if(!query_count_admin_logs.warn_execute())
+			qdel(query_count_admin_logs)
 			return
 		if(query_count_admin_logs.NextRow())
 			logcount = text2num(query_count_admin_logs.item[1])
+		qdel(query_count_admin_logs)
 		if(logcount > logssperpage)
 			output += "<br><b>Page: </b>"
 			while(logcount > 0)
@@ -44,6 +46,7 @@
 		var/limit = " LIMIT [logssperpage * page], [logssperpage]"
 		var/datum/DBQuery/query_search_admin_logs = SSdbcore.NewQuery("SELECT datetime, round_id, adminckey, operation, target, log FROM [format_table_name("admin_log")][search] ORDER BY datetime DESC[limit]")
 		if(!query_search_admin_logs.warn_execute())
+			qdel(query_search_admin_logs)
 			return
 		while(query_search_admin_logs.NextRow())
 			var/datetime = query_search_admin_logs.item[1]
@@ -53,19 +56,23 @@
 			target = query_search_admin_logs.item[5]
 			var/log = query_search_admin_logs.item[6]
 			output += "<p style='margin:0px'><b>[datetime] | Round ID [round_id] | Admin [admin_ckey] | Operation [operation] on [target]</b><br>[log]</p><hr style='background:#000000; border:0; height:3px'>"
+		qdel(query_search_admin_logs)
 	if(action == 2)
 		output += "<h3>Admin ckeys with invalid ranks</h3>"
 		var/datum/DBQuery/query_check_admin_errors = SSdbcore.NewQuery("SELECT ckey, [format_table_name("admin")].rank FROM [format_table_name("admin")] LEFT JOIN [format_table_name("admin_ranks")] ON [format_table_name("admin_ranks")].rank = [format_table_name("admin")].rank WHERE [format_table_name("admin_ranks")].rank IS NULL")
 		if(!query_check_admin_errors.warn_execute())
+			qdel(query_check_admin_errors)
 			return
 		while(query_check_admin_errors.NextRow())
 			var/admin_ckey = query_check_admin_errors.item[1]
 			var/admin_rank = query_check_admin_errors.item[2]
 			output += "[admin_ckey] has non-existant rank [admin_rank] | <a href='?_src_=holder;[HrefToken()];editrightsbrowsermanage=1;editrightschange=[admin_ckey]'>\[Change Rank\]</a> | <a href='?_src_=holder;[HrefToken()];editrightsbrowsermanage=1;editrightsremove=[admin_ckey]'>\[Remove\]</a>"
 			output += "<hr style='background:#000000; border:0; height:1px'>"
+		qdel(query_check_admin_errors)
 		output += "<h3>Unused ranks</h3>"
 		var/datum/DBQuery/query_check_unused_rank = SSdbcore.NewQuery("SELECT [format_table_name("admin_ranks")].rank, flags, exclude_flags, can_edit_flags FROM [format_table_name("admin_ranks")] LEFT JOIN [format_table_name("admin")] ON [format_table_name("admin")].rank = [format_table_name("admin_ranks")].rank WHERE [format_table_name("admin")].rank IS NULL")
 		if(!query_check_unused_rank.warn_execute())
+			qdel(query_check_unused_rank)
 			return
 		while(query_check_unused_rank.NextRow())
 			var/admin_rank = query_check_unused_rank.item[1]
@@ -74,6 +81,7 @@
 			<br>Denied: [rights2text(text2num(query_check_unused_rank.item[3])," ", "-")]
 			<br>Allowed to edit: [rights2text(text2num(query_check_unused_rank.item[4])," ", "*")]
 			<hr style='background:#000000; border:0; height:1px'>"}
+		qdel(query_check_unused_rank)
 	else if(!action)
 		output += {"<head>
 		<title>Permissions Panel</title>
@@ -108,6 +116,8 @@
 			output += "<td><a class='small' href='?src=[REF(src)];[HrefToken()];editrights=permissions;ckey=[adm_ckey]'>[rights2text(D.rank.can_edit_rights," ", "*")]</a></td>"
 			output += "</tr>"
 		output += "</table></div><div id='top'><b>Search:</b> <input type='text' id='filter' value='' style='width:70%;' onkeyup='updateSearch();'></div></body>"
+	if(QDELETED(usr))
+		return
 	usr << browse("<!DOCTYPE html><html>[jointext(output, "")]</html>","window=editrights;size=1000x650")
 
 /datum/admins/proc/edit_rights_topic(list/href_list)
@@ -153,6 +163,8 @@
 					admin_ckey = sanitizeSQL(admin_ckey)
 				else
 					use_db = FALSE
+			if(QDELETED(usr))
+				return
 	if(task != "add")
 		D = GLOB.admin_datums[admin_ckey]
 		if(!D)
@@ -198,16 +210,23 @@
 		//if an admin exists without a datum they won't be caught by the above
 		var/datum/DBQuery/query_admin_in_db = SSdbcore.NewQuery("SELECT 1 FROM [format_table_name("admin")] WHERE ckey = '[.]'")
 		if(!query_admin_in_db.warn_execute())
+			qdel(query_admin_in_db)
 			return FALSE
 		if(query_admin_in_db.NextRow())
+			qdel(query_admin_in_db)
 			to_chat(usr, "<span class='danger'>[.] already listed in admin database. Check the Management tab if they don't appear in the list of admins.</span>")
 			return FALSE
+		qdel(query_admin_in_db)
 		var/datum/DBQuery/query_add_admin = SSdbcore.NewQuery("INSERT INTO [format_table_name("admin")] (ckey, rank) VALUES ('[.]', 'NEW ADMIN')")
 		if(!query_add_admin.warn_execute())
+			qdel(query_add_admin)
 			return FALSE
+		qdel(query_add_admin)
 		var/datum/DBQuery/query_add_admin_log = SSdbcore.NewQuery("INSERT INTO [format_table_name("admin_log")] (datetime, round_id, adminckey, adminip, operation, target, log) VALUES ('[SQLtime()]', '[GLOB.round_id]', '[sanitizeSQL(usr.ckey)]', INET_ATON('[sanitizeSQL(usr.client.address)]'), 'add admin', '[.]', 'New admin added: [.]')")
 		if(!query_add_admin_log.warn_execute())
+			qdel(query_add_admin_log)
 			return FALSE
+		qdel(query_add_admin_log)
 
 /datum/admins/proc/remove_admin(admin_ckey, use_db, datum/admins/D)
 	if(alert("Are you sure you want to remove [admin_ckey]?","Confirm Removal","Do it","Cancel") == "Do it")
@@ -215,16 +234,22 @@
 		GLOB.deadmins -= admin_ckey
 		if(D)
 			D.disassociate()
+		var/m1 = "[key_name_admin(usr)] removed [admin_ckey] from the admins list [use_db ? "permanently" : "temporarily"]"
+		var/m2 = "[key_name(usr)] removed [admin_ckey] from the admins list [use_db ? "permanently" : "temporarily"]"
 		if(use_db)
 			var/datum/DBQuery/query_add_rank = SSdbcore.NewQuery("DELETE FROM [format_table_name("admin")] WHERE ckey = '[admin_ckey]'")
 			if(!query_add_rank.warn_execute())
+				qdel(query_add_rank)
 				return
+			qdel(query_add_rank)
 			var/datum/DBQuery/query_add_rank_log = SSdbcore.NewQuery("INSERT INTO [format_table_name("admin_log")] (datetime, round_id, adminckey, adminip, operation, target, log) VALUES ('[SQLtime()]', '[GLOB.round_id]', '[sanitizeSQL(usr.ckey)]', INET_ATON('[sanitizeSQL(usr.client.address)]'), 'remove admin', '[admin_ckey]', 'Admin removed: [admin_ckey]')")
 			if(!query_add_rank_log.warn_execute())
+				qdel(query_add_rank_log)
 				return
+			qdel(query_add_rank_log)
 			sync_lastadminrank(admin_ckey)
-		message_admins("[key_name_admin(usr)] removed [admin_ckey] from the admins list [use_db ? "permanently" : "temporarily"]")
+		message_admins(m1)
-		log_admin("[key_name(usr)] removed [admin_ckey] from the admins list [use_db ? "permanently" : "temporarily"]")
+		log_admin(m2)
 
 /datum/admins/proc/force_readmin(admin_ckey, datum/admins/D)
 	if(!D || !D.deadmined)
@@ -260,35 +285,50 @@
 		else
 			R = new(new_rank) //blank new admin_rank
 		GLOB.admin_ranks += R
+	var/m1 = "[key_name_admin(usr)] edited the admin rank of [admin_ckey] to [new_rank] [use_db ? "permanently" : "temporarily"]"
+	var/m2 = "[key_name(usr)] edited the admin rank of [admin_ckey] to [new_rank] [use_db ? "permanently" : "temporarily"]"
 	if(use_db)
 		new_rank = sanitizeSQL(new_rank)
 		//if a player was tempminned before having a permanent change made to their rank they won't yet be in the db
 		var/old_rank
 		var/datum/DBQuery/query_admin_in_db = SSdbcore.NewQuery("SELECT rank FROM [format_table_name("admin")] WHERE ckey = '[admin_ckey]'")
 		if(!query_admin_in_db.warn_execute())
+			qdel(query_admin_in_db)
 			return
 		if(!query_admin_in_db.NextRow())
 			add_admin(admin_ckey, TRUE)
 			old_rank = "NEW ADMIN"
 		else
 			old_rank = query_admin_in_db.item[1]
+		qdel(query_admin_in_db)
 		//similarly if a temp rank is created it won't be in the db if someone is permanently changed to it
 		var/datum/DBQuery/query_rank_in_db = SSdbcore.NewQuery("SELECT 1 FROM [format_table_name("admin_ranks")] WHERE rank = '[new_rank]'")
 		if(!query_rank_in_db.warn_execute())
+			qdel(query_rank_in_db)
 			return
 		if(!query_rank_in_db.NextRow())
+			QDEL_NULL(query_rank_in_db)
 			var/datum/DBQuery/query_add_rank = SSdbcore.NewQuery("INSERT INTO [format_table_name("admin_ranks")] (rank, flags, exclude_flags, can_edit_flags) VALUES ('[new_rank]', '0', '0', '0')")
 			if(!query_add_rank.warn_execute())
+				qdel(query_add_rank)
 				return
+			qdel(query_add_rank)
 			var/datum/DBQuery/query_add_rank_log = SSdbcore.NewQuery("INSERT INTO [format_table_name("admin_log")] (datetime, round_id, adminckey, adminip, operation, target, log) VALUES ('[SQLtime()]', '[GLOB.round_id]', '[sanitizeSQL(usr.ckey)]', INET_ATON('[sanitizeSQL(usr.client.address)]'), 'add rank', '[new_rank]', 'New rank added: [new_rank]')")
 			if(!query_add_rank_log.warn_execute())
+				qdel(query_add_rank_log)
 				return
+			qdel(query_add_rank_log)
+		qdel(query_rank_in_db)
 		var/datum/DBQuery/query_change_rank = SSdbcore.NewQuery("UPDATE [format_table_name("admin")] SET rank = '[new_rank]' WHERE ckey = '[admin_ckey]'")
 		if(!query_change_rank.warn_execute())
+			qdel(query_change_rank)
 			return
+		qdel(query_change_rank)
 		var/datum/DBQuery/query_change_rank_log = SSdbcore.NewQuery("INSERT INTO [format_table_name("admin_log")] (datetime, round_id, adminckey, adminip, operation, target, log) VALUES ('[SQLtime()]', '[GLOB.round_id]', '[sanitizeSQL(usr.ckey)]', INET_ATON('[sanitizeSQL(usr.client.address)]'), 'change admin rank', '[admin_ckey]', 'Rank of [admin_ckey] changed from [old_rank] to [new_rank]')")
 		if(!query_change_rank_log.warn_execute())
+			qdel(query_change_rank_log)
 			return
+		qdel(query_change_rank_log)
 	if(D) //they were previously an admin
 		D.disassociate() //existing admin needs to be disassociated
 		D.rank = R //set the admin_rank as our rank
@@ -296,8 +336,8 @@
 		D.associate(C)
 	else
 		D = new(R, admin_ckey, TRUE) //new admin
-	message_admins("[key_name_admin(usr)] edited the admin rank of [admin_ckey] to [new_rank] [use_db ? "permanently" : "temporarily"]")
+	message_admins(m1)
-	log_admin("[key_name(usr)] edited the admin rank of [admin_ckey] to [new_rank] [use_db ? "permanently" : "temporarily"]")
+	log_admin(m2)
 
 /datum/admins/proc/change_admin_flags(admin_ckey, use_db, datum/admins/D, legacy_only)
 	var/new_flags = input_bitfield(usr, "Include permission flags<br>[use_db ? "This will affect ALL admins with this rank." : "This will affect only the current admin [admin_ckey]"]", "admin_flags", D.rank.include_rights, 350, 590, allowed_edit_list = usr.client.holder.rank.can_edit_rights)
@@ -309,23 +349,31 @@
 	var/new_can_edit_flags = input_bitfield(usr, "Editable permission flags<br>These are the flags this rank is allowed to edit if they have access to the permissions panel.<br>They will be unable to modify admins to a rank that has a flag not included here.<br>[use_db ? "This will affect ALL admins with this rank." : "This will affect only the current admin [admin_ckey]"]", "admin_flags", D.rank.can_edit_rights, 350, 710, allowed_edit_list = usr.client.holder.rank.can_edit_rights)
 	if(isnull(new_can_edit_flags))
 		return
+	var/m1 = "[key_name_admin(usr)] edited the permissions of [use_db ? " rank [D.rank.name] permanently" : "[admin_ckey] temporarily"]"
+	var/m2 = "[key_name(usr)] edited the permissions of [use_db ? " rank [D.rank.name] permanently" : "[admin_ckey] temporarily"]"
 	if(use_db || legacy_only)
 		var/old_flags
 		var/old_exclude_flags
 		var/old_can_edit_flags
 		var/datum/DBQuery/query_get_rank_flags = SSdbcore.NewQuery("SELECT flags, exclude_flags, can_edit_flags FROM [format_table_name("admin_ranks")] WHERE rank = '[D.rank.name]'")
 		if(!query_get_rank_flags.warn_execute())
+			qdel(query_get_rank_flags)
 			return
 		if(query_get_rank_flags.NextRow())
 			old_flags = text2num(query_get_rank_flags.item[1])
 			old_exclude_flags = text2num(query_get_rank_flags.item[2])
 			old_can_edit_flags = text2num(query_get_rank_flags.item[3])
+		qdel(query_get_rank_flags)
 		var/datum/DBQuery/query_change_rank_flags = SSdbcore.NewQuery("UPDATE [format_table_name("admin_ranks")] SET flags = '[new_flags]', exclude_flags = '[new_exclude_flags]', can_edit_flags = '[new_can_edit_flags]' WHERE rank = '[D.rank.name]'")
 		if(!query_change_rank_flags.warn_execute())
+			qdel(query_change_rank_flags)
 			return
+		qdel(query_change_rank_flags)
 		var/datum/DBQuery/query_change_rank_flags_log = SSdbcore.NewQuery("INSERT INTO [format_table_name("admin_log")] (datetime, round_id, adminckey, adminip, operation, target, log) VALUES ('[SQLtime()]', '[GLOB.round_id]', '[sanitizeSQL(usr.ckey)]', INET_ATON('[sanitizeSQL(usr.client.address)]'), 'change rank flags', '[D.rank.name]', 'Permissions of [D.rank.name] changed from[rights2text(old_flags," ")][rights2text(old_exclude_flags," ", "-")][rights2text(old_can_edit_flags," ", "*")] to[rights2text(new_flags," ")][rights2text(new_exclude_flags," ", "-")][rights2text(new_can_edit_flags," ", "*")]')")
 		if(!query_change_rank_flags_log.warn_execute())
+			qdel(query_change_rank_flags_log)
 			return
+		qdel(query_change_rank_flags_log)
 		for(var/datum/admin_rank/R in GLOB.admin_ranks)
 			if(R.name != D.rank.name)
 				continue
@@ -356,8 +404,8 @@
 			D.rank.can_edit_rights = new_can_edit_flags
 		var/client/C = GLOB.directory[admin_ckey] //find the client with the specified ckey (if they are logged in)
 		D.associate(C) //link up with the client and add verbs
-	message_admins("[key_name_admin(usr)] edited the permissions of [use_db ? " rank [D.rank.name] permanently" : "[admin_ckey] temporarily"]")
+	message_admins(m1)
-	log_admin("[key_name(usr)] edited the permissions of [use_db ? " rank [D.rank.name] permanently" : "[admin_ckey] temporarily"]")
+	log_admin(m2)
 
 /datum/admins/proc/remove_rank(admin_rank)
 	if(!admin_rank)
@@ -375,19 +423,28 @@
 	admin_rank = sanitizeSQL(admin_rank)
 	var/datum/DBQuery/query_admins_with_rank = SSdbcore.NewQuery("SELECT 1 FROM [format_table_name("admin")] WHERE rank = '[admin_rank]'")
 	if(!query_admins_with_rank.warn_execute())
+		qdel(query_admins_with_rank)
 		return
 	if(query_admins_with_rank.NextRow())
+		qdel(query_admins_with_rank)
 		to_chat(usr, "<span class='danger'>Error: Rank deletion attempted while rank still used; Tell a coder, this shouldn't happen.</span>")
 		return
+	qdel(query_admins_with_rank)
 	if(alert("Are you sure you want to remove [admin_rank]?","Confirm Removal","Do it","Cancel") == "Do it")
+		var/m1 = "[key_name_admin(usr)] removed rank [admin_rank] permanently"
+		var/m2 = "[key_name(usr)] removed rank [admin_rank] permanently"
 		var/datum/DBQuery/query_add_rank = SSdbcore.NewQuery("DELETE FROM [format_table_name("admin_ranks")] WHERE rank = '[admin_rank]'")
 		if(!query_add_rank.warn_execute())
+			qdel(query_add_rank)
 			return
+		qdel(query_add_rank)
 		var/datum/DBQuery/query_add_rank_log = SSdbcore.NewQuery("INSERT INTO [format_table_name("admin_log")] (datetime, round_id, adminckey, adminip, operation, target, log) VALUES ('[SQLtime()]', '[GLOB.round_id]', '[sanitizeSQL(usr.ckey)]', INET_ATON('[sanitizeSQL(usr.client.address)]'), 'remove rank', '[admin_rank]', 'Rank removed: [admin_rank]')")
 		if(!query_add_rank_log.warn_execute())
+			qdel(query_add_rank_log)
 			return
-		message_admins("[key_name_admin(usr)] removed rank [admin_rank] permanently")
+		qdel(query_add_rank_log)
-		log_admin("[key_name(usr)] removed rank [admin_rank] permanently")
+		message_admins(m1)
+		log_admin(m2)
 
 /datum/admins/proc/sync_lastadminrank(admin_ckey, datum/admins/D)
 	var/sqlrank = "Player"
@@ -396,5 +453,7 @@
 	admin_ckey = sanitizeSQL(admin_ckey)
 	var/datum/DBQuery/query_sync_lastadminrank = SSdbcore.NewQuery("UPDATE [format_table_name("player")] SET lastadminrank = '[sqlrank]' WHERE ckey = '[admin_ckey]'")
 	if(!query_sync_lastadminrank.warn_execute())
+		qdel(query_sync_lastadminrank)
 		return
+	qdel(query_sync_lastadminrank)
 	to_chat(usr, "<span class='admin'>Sync of [admin_ckey] successful.</span>")

code/modules/admin/sql_message_system.dm

@@ -11,11 +11,16 @@
 		new_ckey = sanitizeSQL(new_ckey)
 		var/datum/DBQuery/query_find_ckey = SSdbcore.NewQuery("SELECT ckey FROM [format_table_name("player")] WHERE ckey = '[new_ckey]'")
 		if(!query_find_ckey.warn_execute())
+			qdel(query_find_ckey)
 			return
 		if(!query_find_ckey.NextRow())
 			if(alert(usr, "[new_ckey] has not been seen before, are you sure you want to create a [type] for them?", "Unknown ckey", "Yes", "No", "Cancel") != "Yes")
+				qdel(query_find_ckey)
 				return
+		qdel(query_find_ckey)
 		target_ckey = new_ckey
+	if(QDELETED(usr))
+		return
 	if(target_ckey)
 		target_ckey = sanitizeSQL(target_ckey)
 	if(!admin_ckey)
@@ -46,11 +51,19 @@
 			else
 				return
 	var/datum/DBQuery/query_create_message = SSdbcore.NewQuery("INSERT INTO [format_table_name("messages")] (type, targetckey, adminckey, text, timestamp, server, server_ip, server_port, round_id, secret) VALUES ('[type]', '[target_ckey]', '[admin_ckey]', '[text]', '[timestamp]', '[server]', INET_ATON(IF('[world.internet_address]' LIKE '', '0', '[world.internet_address]')), '[world.port]', '[GLOB.round_id]','[secret]')")
+	var/pm = "[key_name(usr)] has created a [type][(type == "note" || type == "message" || type == "watchlist entry") ? " for [target_ckey]" : ""]: [text]"
+	var/header = "[key_name_admin(usr)] has created a [type][(type == "note" || type == "message" || type == "watchlist entry") ? " for [target_ckey]" : ""]"
 	if(!query_create_message.warn_execute())
+		qdel(query_create_message)
 		return
+	qdel(query_create_message)
 	if(logged)
+<<<<<<< HEAD
 		log_admin_private("[key_name(usr)] has created a [type][(type == "note" || type == "message" || type == "watchlist entry") ? " for [target_ckey]" : ""]: [text]")
 		var/header = "[key_name(usr)] has created a [type][(type == "note" || type == "message" || type == "watchlist entry") ? " for [target_ckey]" : ""]" // yogs - Yog Tickets
+=======
+		log_admin_private(pm)
+>>>>>>> cf7e8aa9ec... Qdels queries, adds sleep safety checks, DBcore checks for leaks (#38363)
 		message_admins("[header]:<br>[text]")
 		admin_ticket_log(target_ckey, header) // yogs - Yog Tickets
 		admin_ticket_log(target_ckey, text)
@@ -69,19 +82,25 @@
 	var/type
 	var/target_ckey
 	var/text
+	var/m1 = "[key_name(usr)] has deleted a [type][(type == "note" || type == "message" || type == "watchlist entry") ? " for" : " made by"] [target_ckey]: [text]"
+	var/m2 = "[key_name_admin(usr)] has deleted a [type][(type == "note" || type == "message" || type == "watchlist entry") ? " for" : " made by"] [target_ckey]:<br>[text]"
 	var/datum/DBQuery/query_find_del_message = SSdbcore.NewQuery("SELECT type, targetckey, adminckey, text FROM [format_table_name("messages")] WHERE id = [message_id] AND deleted = 0")
 	if(!query_find_del_message.warn_execute())
+		qdel(query_find_del_message)
 		return
 	if(query_find_del_message.NextRow())
 		type = query_find_del_message.item[1]
 		target_ckey = query_find_del_message.item[2]
 		text = query_find_del_message.item[4]
+	qdel(query_find_del_message)
 	var/datum/DBQuery/query_del_message = SSdbcore.NewQuery("UPDATE [format_table_name("messages")] SET deleted = 1 WHERE id = [message_id]")
 	if(!query_del_message.warn_execute())
+		qdel(query_del_message)
 		return
+	qdel(query_del_message)
 	if(logged)
-		log_admin_private("[key_name(usr)] has deleted a [type][(type == "note" || type == "message" || type == "watchlist entry") ? " for" : " made by"] [target_ckey]: [text]")
+		log_admin_private(m1)
-		message_admins("[key_name_admin(usr)] has deleted a [type][(type == "note" || type == "message" || type == "watchlist entry") ? " for" : " made by"] [target_ckey]:<br>[text]")
+		message_admins(m2)
 		if(browse)
 			browse_messages("[type]")
 		else
@@ -96,6 +115,7 @@
 		return
 	var/datum/DBQuery/query_find_edit_message = SSdbcore.NewQuery("SELECT type, targetckey, adminckey, text FROM [format_table_name("messages")] WHERE id = [message_id] AND deleted = 0")
 	if(!query_find_edit_message.warn_execute())
+		qdel(query_find_edit_message)
 		return
 	if(query_find_edit_message.NextRow())
 		var/type = query_find_edit_message.item[1]
@@ -105,11 +125,13 @@
 		var/editor_ckey = sanitizeSQL(usr.ckey)
 		var/new_text = input("Input new [type]", "New [type]", "[old_text]") as null|message
 		if(!new_text)
+			qdel(query_find_edit_message)
 			return
 		new_text = sanitizeSQL(new_text)
 		var/edit_text = sanitizeSQL("Edited by [editor_ckey] on [SQLtime()] from<br>[old_text]<br>to<br>[new_text]<hr>")
 		var/datum/DBQuery/query_edit_message = SSdbcore.NewQuery("UPDATE [format_table_name("messages")] SET text = '[new_text]', lasteditor = '[editor_ckey]', edits = CONCAT(IFNULL(edits,''),'[edit_text]') WHERE id = [message_id] AND deleted = 0")
 		if(!query_edit_message.warn_execute())
+			qdel(query_find_edit_message)
 			return
 		log_admin_private("[key_name(usr)] has edited a [type] [(type == "note" || type == "message" || type == "watchlist entry") ? " for [target_ckey]" : ""] made by [admin_ckey] from [old_text] to [new_text]")
 		message_admins("[key_name_admin(usr)] has edited a [type] [(type == "note" || type == "message" || type == "watchlist entry") ? " for [target_ckey]" : ""] made by [admin_ckey] from<br>[old_text]<br>to<br>[new_text]")
@@ -117,6 +139,7 @@
 			browse_messages("[type]")
 		else
 			browse_messages(target_ckey = target_ckey, agegate = TRUE)
+	qdel(query_find_edit_message)
 
 /proc/toggle_message_secrecy(message_id)
 	if(!SSdbcore.Connect())
@@ -125,22 +148,30 @@
 	message_id = text2num(message_id)
 	if(!message_id)
 		return
+	var/editor_ckey = usr.ckey
+	var/kn = key_name(usr)
+	var/kna = key_name_admin(usr)
 	var/datum/DBQuery/query_find_message_secret = SSdbcore.NewQuery("SELECT type, targetckey, adminckey, secret FROM [format_table_name("messages")] WHERE id = [message_id] AND deleted = 0")
 	if(!query_find_message_secret.warn_execute())
+		qdel(query_find_message_secret)
 		return
 	if(query_find_message_secret.NextRow())
 		var/type = query_find_message_secret.item[1]
 		var/target_ckey = query_find_message_secret.item[2]
 		var/admin_ckey = query_find_message_secret.item[3]
 		var/secret = text2num(query_find_message_secret.item[4])
-		var/editor_ckey = sanitizeSQL(usr.ckey)
+		editor_ckey = sanitizeSQL(editor_ckey)
 		var/edit_text = "Made [secret ? "not secret" : "secret"] by [editor_ckey] on [SQLtime()]<hr>"
 		var/datum/DBQuery/query_message_secret = SSdbcore.NewQuery("UPDATE [format_table_name("messages")] SET secret = NOT secret, lasteditor = '[editor_ckey]', edits = CONCAT(IFNULL(edits,''),'[edit_text]') WHERE id = [message_id]")
 		if(!query_message_secret.warn_execute())
+			qdel(query_find_message_secret)
+			qdel(query_message_secret)
 			return
-		log_admin_private("[key_name(usr)] has toggled [target_ckey]'s [type] made by [admin_ckey] to [secret ? "not secret" : "secret"]")
+		qdel(query_message_secret)
-		message_admins("[key_name_admin(usr)] has toggled [target_ckey]'s [type] made by [admin_ckey] to [secret ? "not secret" : "secret"]")
+		log_admin_private("[kn] has toggled [target_ckey]'s [type] made by [admin_ckey] to [secret ? "not secret" : "secret"]")
+		message_admins("[kna] has toggled [target_ckey]'s [type] made by [admin_ckey] to [secret ? "not secret" : "secret"]")
 		browse_messages(target_ckey = target_ckey, agegate = TRUE)
+	qdel(query_find_message_secret)
 
 /proc/browse_messages(type, target_ckey, index, linkless = FALSE, filter, agegate = FALSE)
 	if(!SSdbcore.Connect())
@@ -173,8 +204,11 @@
 		output += ruler
 		var/datum/DBQuery/query_get_type_messages = SSdbcore.NewQuery("SELECT id, targetckey, adminckey, text, timestamp, server, lasteditor FROM [format_table_name("messages")] WHERE type = '[type]' AND deleted = 0")
 		if(!query_get_type_messages.warn_execute())
+			qdel(query_get_type_messages)
 			return
 		while(query_get_type_messages.NextRow())
+			if(QDELETED(usr))
+				return
 			var/id = query_get_type_messages.item[1]
 			var/t_ckey = query_get_type_messages.item[2]
 			if(type == "watchlist entry" && filter && !(t_ckey in GLOB.directory))
@@ -193,16 +227,20 @@
 			if(editor_ckey)
 				output += " <font size='2'>Last edit by [editor_ckey] <a href='?_src_=holder;[HrefToken()];messageedits=[id]'>(Click here to see edit log)</a></font>"
 			output += "<br>[text]<hr style='background:#000000; border:0; height:1px'>"
+		qdel(query_get_type_messages)
 	if(target_ckey)
 		target_ckey = sanitizeSQL(target_ckey)
 		var/datum/DBQuery/query_get_messages = SSdbcore.NewQuery("SELECT type, secret, id, adminckey, text, timestamp, server, lasteditor, DATEDIFF(NOW(), timestamp) AS `age` FROM [format_table_name("messages")] WHERE type <> 'memo' AND targetckey = '[target_ckey]' AND deleted = 0 ORDER BY timestamp DESC")
 		if(!query_get_messages.warn_execute())
+			qdel(query_get_messages)
 			return
 		var/list/messagedata = list()
 		var/list/watchdata = list()
 		var/list/notedata = list()
 		var/skipped = 0
 		while(query_get_messages.NextRow())
+			if(QDELETED(usr))
+				return
 			type = query_get_messages.item[1]
 			if(type == "memo")
 				continue
@@ -253,6 +291,7 @@
 					watchdata += data
 				if("note")
 					notedata += data
+		qdel(query_get_messages)
 		output += "<h2><center>[target_ckey]</center></h2><center>"
 		if(!linkless)
 			output += "<a href='?_src_=holder;[HrefToken()];addnote=[target_ckey]'>\[Add note\]</a>"
@@ -296,16 +335,20 @@
 				search = "^[index]"
 		var/datum/DBQuery/query_list_messages = SSdbcore.NewQuery("SELECT DISTINCT targetckey FROM [format_table_name("messages")] WHERE type <> 'memo' AND targetckey REGEXP '[search]' AND deleted = 0 ORDER BY targetckey")
 		if(!query_list_messages.warn_execute())
+			qdel(query_list_messages)
 			return
 		while(query_list_messages.NextRow())
+			if(QDELETED(usr))
+				return
 			index_ckey = query_list_messages.item[1]
 			output += "<a href='?_src_=holder;[HrefToken()];showmessageckey=[index_ckey]'>[index_ckey]</a><br>"
+		qdel(query_list_messages)
 	else if(!type && !target_ckey && !index)
 		output += "<center></a> <a href='?_src_=holder;[HrefToken()];addmessageempty=1'>\[Add message\]</a><a href='?_src_=holder;[HrefToken()];addwatchempty=1'>\[Add watchlist entry\]</a><a href='?_src_=holder;[HrefToken()];addnoteempty=1'>\[Add note\]</a></center>"
 		output += ruler
 	usr << browse({"<!DOCTYPE html><html><head><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /></head><body>[jointext(output, "")]</body></html>"}, "window=browse_messages;size=900x500")
 
-proc/get_message_output(type, target_ckey)
+/proc/get_message_output(type, target_ckey)
 	if(!SSdbcore.Connect())
 		to_chat(usr, "<span class='danger'>Failed to establish database connection.</span>")
 		return
@@ -319,6 +362,7 @@ proc/get_message_output(type, target_ckey)
 		query += " AND targetckey = '[target_ckey]'"
 	var/datum/DBQuery/query_get_message_output = SSdbcore.NewQuery(query)
 	if(!query_get_message_output.warn_execute())
+		qdel(query_get_message_output)
 		return
 	while(query_get_message_output.NextRow())
 		var/message_id = query_get_message_output.item[1]
@@ -332,7 +376,10 @@ proc/get_message_output(type, target_ckey)
 				output += "<br><font color='red'>[text]</font><br>"
 				var/datum/DBQuery/query_message_read = SSdbcore.NewQuery("UPDATE [format_table_name("messages")] SET type = 'message sent' WHERE id = [message_id]")
 				if(!query_message_read.warn_execute())
+					qdel(query_get_message_output)
+					qdel(query_message_read)
 					return
+				qdel(query_message_read)
 			if("watchlist entry")
 				message_admins("<font color='red'><B>Notice: </B></font><font color='blue'>[key_name_admin(target_ckey)] has been on the watchlist since [timestamp] and has just connected - Reason: [text]</font>")
 				send2irc_adminless_only("Watchlist", "[key_name(target_ckey)] is on the watchlist and has just connected - Reason: [text]")
@@ -341,6 +388,7 @@ proc/get_message_output(type, target_ckey)
 				if(editor_ckey)
 					output += "<br><span class='memoedit'>Last edit by [editor_ckey] <A href='?_src_=holder;[HrefToken()];messageedits=[message_id]'>(Click here to see edit log)</A></span>"
 				output += "<br>[text]</span><br>"
+	qdel(query_get_message_output)
 	return output
 
 #define NOTESFILE "data/player_notes.sav"
@@ -365,9 +413,11 @@ proc/get_message_output(type, target_ckey)
 		var/admin_ckey = note.group[3]
 		var/datum/DBQuery/query_convert_time = SSdbcore.NewQuery("SELECT ADDTIME(STR_TO_DATE('[timestamp]','%d-%b-%Y'), '0')")
 		if(!query_convert_time.Execute())
+			qdel(query_convert_time)
 			return
 		if(query_convert_time.NextRow())
 			timestamp = query_convert_time.item[1]
+		qdel(query_convert_time)
 		if(ckey && notetext && timestamp && admin_ckey && server)
 			create_message("note", ckey, admin_ckey, notetext, timestamp, server, 1, 0)
 	notesfile.cd = "/"

code/modules/admin/topic.dm

@@ -1191,10 +1191,13 @@
 		var/message_id = sanitizeSQL("[href_list["messageedits"]]")
 		var/datum/DBQuery/query_get_message_edits = SSdbcore.NewQuery("SELECT edits FROM [format_table_name("messages")] WHERE id = '[message_id]'")
 		if(!query_get_message_edits.warn_execute())
+			qdel(query_get_message_edits)
 			return
 		if(query_get_message_edits.NextRow())
 			var/edit_log = query_get_message_edits.item[1]
+			if(!QDELETED(usr))
 				usr << browse(edit_log,"window=noteedits")
+		qdel(query_get_message_edits)
 
 	else if(href_list["newban"])
 		if(!check_rights(R_BAN))

code/modules/antagonists/_common/antag_datum.dm

@@ -75,7 +75,7 @@ GLOBAL_LIST_EMPTY(antagonists)
 /datum/antagonist/proc/is_banned(mob/M)
 	if(!M)
 		return FALSE
-	. = (jobban_isbanned(M, ROLE_SYNDICATE) || (job_rank && jobban_isbanned(M,job_rank)))
+	. = (jobban_isbanned(M, ROLE_SYNDICATE) || QDELETED(M) || (job_rank && (jobban_isbanned(M,job_rank) || QDELETED(M))))
 
 /datum/antagonist/proc/replace_banned_player()
 	set waitfor = FALSE

code/modules/antagonists/cult/runes.dm

@@ -842,7 +842,7 @@ structure_check() searches for nearby cultist structures required for the invoca
 		notify_ghosts("Manifest rune invoked in [get_area(src)].", 'sound/effects/ghost2.ogg', source = src)
 		var/list/ghosts_on_rune = list()
 		for(var/mob/dead/observer/O in T)
-			if(O.client && !jobban_isbanned(O, ROLE_CULTIST))
+			if(O.client && !jobban_isbanned(O, ROLE_CULTIST) && !QDELETED(src) && !QDELETED(O))
 				ghosts_on_rune += O
 		if(!ghosts_on_rune.len)
 			to_chat(user, "<span class='cultitalic'>There are no spirits near [src]!</span>")

code/modules/awaymissions/corpse.dm

@@ -37,6 +37,8 @@
 	if(jobban_isbanned(user, banType))
 		to_chat(user, "<span class='warning'>You are jobanned!</span>")
 		return
+	if(QDELETED(src) || QDELETED(user))
+		return
 	var/ghost_role = alert("Become [mob_name]? (Warning, You can no longer be cloned!)",,"Yes","No")
 	if(ghost_role == "No" || !loc)
 		return

code/modules/client/client_procs.dm

@@ -456,12 +456,14 @@ GLOBAL_LIST_EMPTY(external_rsc_urls)
 	related_accounts_ip = ""
 	while(query_get_related_ip.NextRow())
 		related_accounts_ip += "[query_get_related_ip.item[1]], "
+	qdel(query_get_related_ip)
 	var/datum/DBQuery/query_get_related_cid = SSdbcore.NewQuery("SELECT ckey FROM [format_table_name("player")] WHERE computerid = '[computer_id]' AND ckey != '[sql_ckey]'")
 	if(!query_get_related_cid.Execute())
 		return
 	related_accounts_cid = ""
 	while (query_get_related_cid.NextRow())
 		related_accounts_cid += "[query_get_related_cid.item[1]], "
+	qdel(query_get_related_cid)
 	var/admin_rank = "Player"
 	if (src.holder && src.holder.rank)
 		admin_rank = src.holder.rank.name
@@ -474,6 +476,7 @@ GLOBAL_LIST_EMPTY(external_rsc_urls)
 	var/new_player
 	var/datum/DBQuery/query_client_in_db = SSdbcore.NewQuery("SELECT 1 FROM [format_table_name("player")] WHERE ckey = '[sql_ckey]'")
 	if(!query_client_in_db.Execute())
+		qdel(query_client_in_db)
 		return
 	if(!query_client_in_db.NextRow())
 		if (CONFIG_GET(flag/panic_bunker) && !holder && !GLOB.deadmins[ckey])
@@ -487,6 +490,7 @@ GLOBAL_LIST_EMPTY(external_rsc_urls)
 				to_chat(src, "<span class='notice'>Sending you to [panic_name ? panic_name : panic_addr].</span>")
 				winset(src, null, "command=.options")
 				src << link("[panic_addr]?redirect=1")
+			qdel(query_client_in_db)
 			qdel(src)
 			return
 
@@ -494,12 +498,17 @@ GLOBAL_LIST_EMPTY(external_rsc_urls)
 		account_join_date = sanitizeSQL(findJoinDate())
 		var/datum/DBQuery/query_add_player = SSdbcore.NewQuery("INSERT INTO [format_table_name("player")] (`ckey`, `firstseen`, `firstseen_round_id`, `lastseen`, `lastseen_round_id`, `ip`, `computerid`, `lastadminrank`, `accountjoindate`) VALUES ('[sql_ckey]', Now(), '[GLOB.round_id]', Now(), '[GLOB.round_id]', INET_ATON('[sql_ip]'), '[sql_computerid]', '[sql_admin_rank]', [account_join_date ? "'[account_join_date]'" : "NULL"])")
 		if(!query_add_player.Execute())
+			qdel(query_client_in_db)
+			qdel(query_add_player)
 			return
+		qdel(query_add_player)
 		if(!account_join_date)
 			account_join_date = "Error"
 			account_age = -1
+	qdel(query_client_in_db)
 	var/datum/DBQuery/query_get_client_age = SSdbcore.NewQuery("SELECT firstseen, DATEDIFF(Now(),firstseen), accountjoindate, DATEDIFF(Now(),accountjoindate) FROM [format_table_name("player")] WHERE ckey = '[sql_ckey]'")
 	if(!query_get_client_age.Execute())
+		qdel(query_get_client_age)
 		return
 	if(query_get_client_age.NextRow())
 		player_join_date = query_get_client_age.item[1]
@@ -514,23 +523,32 @@ GLOBAL_LIST_EMPTY(external_rsc_urls)
 				else
 					var/datum/DBQuery/query_datediff = SSdbcore.NewQuery("SELECT DATEDIFF(Now(),'[account_join_date]')")
 					if(!query_datediff.Execute())
+						qdel(query_datediff)
 						return
 					if(query_datediff.NextRow())
 						account_age = text2num(query_datediff.item[1])
+					qdel(query_datediff)
+	qdel(query_get_client_age)
 	if(!new_player)
 		var/datum/DBQuery/query_log_player = SSdbcore.NewQuery("UPDATE [format_table_name("player")] SET lastseen = Now(), lastseen_round_id = '[GLOB.round_id]', ip = INET_ATON('[sql_ip]'), computerid = '[sql_computerid]', lastadminrank = '[sql_admin_rank]', accountjoindate = [account_join_date ? "'[account_join_date]'" : "NULL"] WHERE ckey = '[sql_ckey]'")
 		if(!query_log_player.Execute())
+			qdel(query_log_player)
 			return
+		qdel(query_log_player)
 	if(!account_join_date)
 		account_join_date = "Error"
 	var/datum/DBQuery/query_log_connection = SSdbcore.NewQuery("INSERT INTO `[format_table_name("connection_log")]` (`id`,`datetime`,`server_ip`,`server_port`,`round_id`,`ckey`,`ip`,`computerid`) VALUES(null,Now(),INET_ATON(IF('[world.internet_address]' LIKE '', '0', '[world.internet_address]')),'[world.port]','[GLOB.round_id]','[sql_ckey]',INET_ATON('[sql_ip]'),'[sql_computerid]')")
 	query_log_connection.Execute()
+<<<<<<< HEAD
 	// yogs start - logout logging
 	var/datum/DBQuery/query_getid = SSdbcore.NewQuery("SELECT `id` FROM `[format_table_name("connection_log")]` WHERE `serverip`=INET_ATON(IF('[world.internet_address]' LIKE '', '0', '[world.internet_address]')) AND `ckey`='[sql_ckey]' AND `ip`='[sql_ip]' AND `computerid`='[sql_computerid]' ORDER BY datetime DESC LIMIT 1;")
 	query_getid.Execute()
 	while (query_getid.NextRow())
 		connection_number = query_getid.item[1]
 	// yogs end
+=======
+	qdel(query_log_connection)
+>>>>>>> cf7e8aa9ec... Qdels queries, adds sleep safety checks, DBcore checks for leaks (#38363)
 	if(new_player)
 		player_age = -1
 	. = player_age
@@ -566,6 +584,7 @@ GLOBAL_LIST_EMPTY(external_rsc_urls)
 	var/lastcid
 	if (query_cidcheck.NextRow())
 		lastcid = query_cidcheck.item[1]
+	qdel(query_cidcheck)
 	var/oldcid = cidcheck[ckey]
 
 	if (oldcid)
@@ -639,16 +658,22 @@ GLOBAL_LIST_EMPTY(external_rsc_urls)
 	//check to see if we noted them in the last day.
 	var/datum/DBQuery/query_get_notes = SSdbcore.NewQuery("SELECT id FROM [format_table_name("messages")] WHERE type = 'note' AND targetckey = '[sql_ckey]' AND adminckey = '[sql_system_ckey]' AND timestamp + INTERVAL 1 DAY < NOW() AND deleted = 0")
 	if(!query_get_notes.Execute())
+		qdel(query_get_notes)
 		return
 	if(query_get_notes.NextRow())
+		qdel(query_get_notes)
 		return
+	qdel(query_get_notes)
 	//regardless of above, make sure their last note is not from us, as no point in repeating the same note over and over.
 	query_get_notes = SSdbcore.NewQuery("SELECT adminckey FROM [format_table_name("messages")] WHERE targetckey = '[sql_ckey]' AND deleted = 0 ORDER BY timestamp DESC LIMIT 1")
 	if(!query_get_notes.Execute())
+		qdel(query_get_notes)
 		return
 	if(query_get_notes.NextRow())
 		if (query_get_notes.item[1] == system_ckey)
+			qdel(query_get_notes)
 			return
+	qdel(query_get_notes)
 	create_message("note", ckey, system_ckey, message, null, null, 0, 0)
 
 

code/modules/client/preferences.dm

@@ -1048,6 +1048,7 @@ GLOBAL_LIST_EMPTY(preferences_datums)
 		var/sql_ckey = sanitizeSQL(user.ckey)
 		var/datum/DBQuery/query_get_jobban = SSdbcore.NewQuery("SELECT reason, bantime, duration, expiration_time, a_ckey FROM [format_table_name("ban")] WHERE ckey = '[sql_ckey]' AND (bantype = 'JOB_PERMABAN'  OR (bantype = 'JOB_TEMPBAN' AND expiration_time > Now())) AND (isnull(unbanned) OR unbanned = 0) AND job = '[job]'") // yogs - Yog Bans
 		if(!query_get_jobban.warn_execute())
+			qdel(query_get_jobban)
 			return
 		if(query_get_jobban.NextRow())
 			var/reason = query_get_jobban.item[1]
@@ -1061,6 +1062,7 @@ GLOBAL_LIST_EMPTY(preferences_datums)
 				text += ". The ban is for [duration] minutes and expires on [expiration_time] (server time)"
 			text += ".</span>"
 			to_chat(user, text)
+		qdel(query_get_jobban)
 		return
 	// yogs start - Donor features
 	if(href_list["preference"] == "donor")

code/modules/client/verbs/ooc.dm

@@ -22,6 +22,8 @@
 	if(jobban_isbanned(src.mob, "OOC"))
 		to_chat(src, "<span class='danger'>You have been banned from OOC.</span>")
 		return
+	if(QDELETED(src))
+		return
 
 	msg = copytext(sanitize(msg), 1, MAX_MESSAGE_LEN)
 	var/raw_msg = msg

code/modules/jobs/job_exp.dm

@@ -143,8 +143,10 @@ GLOBAL_PROTECT(exp_to_update)
 		L.update_exp_list(mins,ann)
 
 /datum/controller/subsystem/blackbox/proc/update_exp_db()
-	SSdbcore.MassInsert(format_table_name("role_time"), GLOB.exp_to_update, "ON DUPLICATE KEY UPDATE minutes = minutes + VALUES(minutes)")
+	set waitfor = FALSE
-	LAZYCLEARLIST(GLOB.exp_to_update)
+	var/list/old_minutes = GLOB.exp_to_update
+	GLOB.exp_to_update = null
+	SSdbcore.MassInsert(format_table_name("role_time"), old_minutes, "ON DUPLICATE KEY UPDATE minutes = minutes + VALUES(minutes)")
 
 //resets a client's exp to what was in the db.
 /client/proc/set_exp_from_db()
@@ -154,10 +156,12 @@ GLOBAL_PROTECT(exp_to_update)
 		return -1
 	var/datum/DBQuery/exp_read = SSdbcore.NewQuery("SELECT job, minutes FROM [format_table_name("role_time")] WHERE ckey = '[sanitizeSQL(ckey)]'")
 	if(!exp_read.Execute())
+		qdel(exp_read)
 		return -1
 	var/list/play_records = list()
 	while(exp_read.NextRow())
 		play_records[exp_read.item[1]] = text2num(exp_read.item[2])
+	qdel(exp_read)
 
 	for(var/rtype in SSjob.name_occupations)
 		if(!play_records[rtype])
@@ -186,7 +190,9 @@ GLOBAL_PROTECT(exp_to_update)
 	var/datum/DBQuery/flag_update = SSdbcore.NewQuery("UPDATE [format_table_name("player")] SET flags = '[prefs.db_flags]' WHERE ckey='[sanitizeSQL(ckey)]'")
 
 	if(!flag_update.Execute())
+		qdel(flag_update)
 		return -1
+	qdel(flag_update)
 
 
 /client/proc/update_exp_list(minutes, announce_changes = FALSE)
@@ -264,10 +270,12 @@ GLOBAL_PROTECT(exp_to_update)
 	var/datum/DBQuery/flags_read = SSdbcore.NewQuery("SELECT flags FROM [format_table_name("player")] WHERE ckey='[ckey]'")
 
 	if(!flags_read.Execute())
+		qdel(flags_read)
 		return FALSE
 
 	if(flags_read.NextRow())
 		prefs.db_flags = text2num(flags_read.item[1])
 	else if(isnull(prefs.db_flags))
 		prefs.db_flags = 0	//This PROBABLY won't happen, but better safe than sorry.
+	qdel(flags_read)
 	return TRUE

code/modules/library/lib_machines.dm

@@ -41,6 +41,8 @@
 		if(1)
 			if (!SSdbcore.Connect())
 				dat += "<font color=red><b>ERROR</b>: Unable to contact External Archive. Please contact your system administrator for assistance.</font><BR>"
+			else if(QDELETED(user))
+				return
 			else if(!SQLquery)
 				dat += "<font color=red><b>ERROR</b>: Malformed search request. Please contact your system administrator for assistance.</font><BR>"
 			else
@@ -50,12 +52,16 @@
 				var/datum/DBQuery/query_library_list_books = SSdbcore.NewQuery(SQLquery)
 				if(!query_library_list_books.Execute())
 					dat += "<font color=red><b>ERROR</b>: Unable to retrieve book listings. Please contact your system administrator for assistance.</font><BR>"
+				else
 					while(query_library_list_books.NextRow())
 						var/author = query_library_list_books.item[1]
 						var/title = query_library_list_books.item[2]
 						var/category = query_library_list_books.item[3]
 						var/id = query_library_list_books.item[4]
 						dat += "<tr><td>[author]</td><td>[title]</td><td>[category]</td><td>[id]</td></tr>"
+				qdel(query_library_list_books)
+				if(QDELETED(user))
+					return
 				dat += "</table><BR>"
 			dat += "<A href='?src=[REF(src)];back=1'>\[Go Back\]</A><BR>"
 	var/datum/browser/popup = new(user, "publiclibrary", name, 600, 400)
@@ -135,6 +141,7 @@ GLOBAL_LIST(cachedbooks) // List of our cached book datums
 	GLOB.cachedbooks = list()
 	var/datum/DBQuery/query_library_cache = SSdbcore.NewQuery("SELECT id, author, title, category FROM [format_table_name("library")] WHERE isnull(deleted)")
 	if(!query_library_cache.Execute())
+		qdel(query_library_cache)
 		return
 	while(query_library_cache.NextRow())
 		var/datum/cachedbook/newbook = new()
@@ -143,6 +150,7 @@ GLOBAL_LIST(cachedbooks) // List of our cached book datums
 		newbook.title = query_library_cache.item[3]
 		newbook.category = query_library_cache.item[4]
 		GLOB.cachedbooks += newbook
+	qdel(query_library_cache)
 
 
 
@@ -414,12 +422,15 @@ GLOBAL_LIST(cachedbooks) // List of our cached book datums
 						var/sqlauthor = sanitizeSQL(scanner.cache.author)
 						var/sqlcontent = sanitizeSQL(scanner.cache.dat)
 						var/sqlcategory = sanitizeSQL(upload_category)
+						var/msg = "[key_name(usr)] has uploaded the book titled [scanner.cache.name], [length(scanner.cache.dat)] signs"
 						var/datum/DBQuery/query_library_upload = SSdbcore.NewQuery("INSERT INTO [format_table_name("library")] (author, title, content, category, ckey, datetime, round_id_created) VALUES ('[sqlauthor]', '[sqltitle]', '[sqlcontent]', '[sqlcategory]', '[usr.ckey]', Now(), '[GLOB.round_id]')")
 						if(!query_library_upload.Execute())
+							qdel(query_library_upload)
 							alert("Database error encountered uploading to Archive")
 							return
 						else
-							log_game("[key_name(usr)] has uploaded the book titled [scanner.cache.name], [length(scanner.cache.dat)] signs")
+							log_game(msg)
+							qdel(query_library_upload)
 							alert("Upload Complete. Uploaded title will be unavailable for printing for a short period")
 	if(href_list["newspost"])
 		if(!GLOB.news_network)
@@ -452,12 +463,14 @@ GLOBAL_LIST(cachedbooks) // List of our cached book datums
 			cooldown = world.time + PRINTER_COOLDOWN
 			var/datum/DBQuery/query_library_print = SSdbcore.NewQuery("SELECT * FROM [format_table_name("library")] WHERE id=[sqlid] AND isnull(deleted)")
 			if(!query_library_print.Execute())
+				qdel(query_library_print)
 				say("PRINTER ERROR! Failed to print document (0x0000000F)")
 				return
 			while(query_library_print.NextRow())
 				var/author = query_library_print.item[2]
 				var/title = query_library_print.item[3]
 				var/content = query_library_print.item[4]
+				if(!QDELETED(src))
 					var/obj/item/book/B = new(get_turf(src))
 					B.name = "Book: [title]"
 					B.title = title
@@ -466,6 +479,7 @@ GLOBAL_LIST(cachedbooks) // List of our cached book datums
 					B.icon_state = "book[rand(1,8)]"
 					visible_message("[src]'s printer hums as it produces a completely bound book. How did it do that?")
 				break
+			qdel(query_library_print)
 	if(href_list["printbible"])
 		if(cooldown < world.time)
 			var/obj/item/storage/book/bible/B = new /obj/item/storage/book/bible(src.loc)

code/modules/library/random_books.dm

@@ -60,8 +60,7 @@
 			B.dat		=	query_get_random_books.item[4]
 			B.name		=	"Book: [B.title]"
 			B.icon_state=	"book[rand(1,8)]"
-	else
+	qdel(query_get_random_books)
-		return
 
 /obj/structure/bookcase/random/fiction
 	name = "bookcase (Fiction)"

code/modules/mob/dead/new_player/new_player.dm

@@ -54,15 +54,19 @@
 			if(src.client && src.client.holder)
 				isadmin = 1
 			var/datum/DBQuery/query_get_new_polls = SSdbcore.NewQuery("SELECT id FROM [format_table_name("poll_question")] WHERE [(isadmin ? "" : "adminonly = false AND")] Now() BETWEEN starttime AND endtime AND id NOT IN (SELECT pollid FROM [format_table_name("poll_vote")] WHERE ckey = \"[ckey]\") AND id NOT IN (SELECT pollid FROM [format_table_name("poll_textreply")] WHERE ckey = \"[ckey]\")")
+			var/rs = REF(src)
 			if(query_get_new_polls.Execute())
 				var/newpoll = 0
 				if(query_get_new_polls.NextRow())
 					newpoll = 1
 
 				if(newpoll)
-					output += "<p><b><a href='byond://?src=[REF(src)];showpoll=1'>Show Player Polls</A> (NEW!)</b></p>"
+					output += "<p><b><a href='byond://?src=[rs];showpoll=1'>Show Player Polls</A> (NEW!)</b></p>"
 				else
-					output += "<p><a href='byond://?src=[REF(src)];showpoll=1'>Show Player Polls</A></p>"
+					output += "<p><a href='byond://?src=[rs];showpoll=1'>Show Player Polls</A></p>"
+			qdel(query_get_new_polls)
+			if(QDELETED(src))
+				return
 
 	output += "</center>"
 
@@ -71,8 +75,6 @@
 	popup.set_window_options("can_close=0")
 	popup.set_content(output)
 	popup.open(0)
-	return
-
 
 /mob/dead/new_player/Topic(href, href_list[])
 	if(src != usr)
@@ -310,6 +312,8 @@
 			return JOB_UNAVAILABLE_SLOTFULL
 	if(jobban_isbanned(src,rank))
 		return JOB_UNAVAILABLE_BANNED
+	if(QDELETED(src))
+		return JOB_UNAVAILABLE_GENERIC
 	if(!job.player_old_enough(client))
 		return JOB_UNAVAILABLE_ACCOUNTAGE
 	if(job.required_playtime_remaining(client))
@@ -475,7 +479,12 @@
 
 	var/mob/living/carbon/human/H = new(loc)
 
-	if(CONFIG_GET(flag/force_random_names) || jobban_isbanned(src, "appearance"))
+	var/frn = CONFIG_GET(flag/force_random_names)
+	if(!frn)
+		frn = jobban_isbanned(src, "appearance")
+		if(QDELETED(src))
+			return
+	if(frn)
 		client.prefs.random_character()
 		client.prefs.real_name = client.prefs.pref_species.random_name(gender,1)
 	client.prefs.copy_to(H)

code/modules/mob/dead/new_player/poll.dm

@@ -8,15 +8,19 @@
 		return
 	var/datum/DBQuery/query_poll_get = SSdbcore.NewQuery("SELECT id, question FROM [format_table_name("poll_question")] WHERE Now() BETWEEN starttime AND endtime [(client.holder ? "" : "AND adminonly = false")]")
 	if(!query_poll_get.warn_execute())
+		qdel(query_poll_get)
 		return
 	var/output = "<div align='center'><B>Player polls</B><hr><table>"
 	var/i = 0
+	var/rs = REF(src)
 	while(query_poll_get.NextRow())
 		var/pollid = query_poll_get.item[1]
 		var/pollquestion = query_poll_get.item[2]
-		output += "<tr bgcolor='#[ (i % 2 == 1) ? "e2e2e2" : "e2e2e2" ]'><td><a href=\"byond://?src=[REF(src)];pollid=[pollid]\"><b>[pollquestion]</b></a></td></tr>"
+		output += "<tr bgcolor='#[ (i % 2 == 1) ? "e2e2e2" : "e2e2e2" ]'><td><a href=\"byond://?src=[rs];pollid=[pollid]\"><b>[pollquestion]</b></a></td></tr>"
 		i++
+	qdel(query_poll_get)
 	output += "</table>"
+	if(!QDELETED(src))
 		src << browse(output,"window=playerpolllist;size=500x300")
 
 /mob/dead/new_player/proc/poll_player(pollid)
@@ -27,6 +31,7 @@
 		return
 	var/datum/DBQuery/query_poll_get_details = SSdbcore.NewQuery("SELECT starttime, endtime, question, polltype, multiplechoiceoptions FROM [format_table_name("poll_question")] WHERE id = [pollid]")
 	if(!query_poll_get_details.warn_execute())
+		qdel(query_poll_get_details)
 		return
 	var/pollstarttime = ""
 	var/pollendtime = ""
@@ -39,23 +44,28 @@
 		pollquestion = query_poll_get_details.item[3]
 		polltype = query_poll_get_details.item[4]
 		multiplechoiceoptions = text2num(query_poll_get_details.item[5])
+	qdel(query_poll_get_details)
 	switch(polltype)
 		if(POLLTYPE_OPTION)
 			var/datum/DBQuery/query_option_get_votes = SSdbcore.NewQuery("SELECT optionid FROM [format_table_name("poll_vote")] WHERE pollid = [pollid] AND ckey = '[ckey]'")
 			if(!query_option_get_votes.warn_execute())
+				qdel(query_option_get_votes)
 				return
 			var/votedoptionid = 0
 			if(query_option_get_votes.NextRow())
 				votedoptionid = text2num(query_option_get_votes.item[1])
+			qdel(query_option_get_votes)
 			var/list/datum/polloption/options = list()
 			var/datum/DBQuery/query_option_options = SSdbcore.NewQuery("SELECT id, text FROM [format_table_name("poll_option")] WHERE pollid = [pollid]")
 			if(!query_option_options.warn_execute())
+				qdel(query_option_options)
 				return
 			while(query_option_options.NextRow())
 				var/datum/polloption/PO = new()
 				PO.optionid = text2num(query_option_options.item[1])
 				PO.optiontext = query_option_options.item[2]
 				options += PO
+			qdel(query_option_options)
 			var/output = "<div align='center'><B>Player poll</B><hr>"
 			output += "<b>Question: [pollquestion]</b><br>"
 			output += "<font size='2'>Poll runs from <b>[pollstarttime]</b> until <b>[pollendtime]</b></font><p>"
@@ -84,10 +94,12 @@
 		if(POLLTYPE_TEXT)
 			var/datum/DBQuery/query_text_get_votes = SSdbcore.NewQuery("SELECT replytext FROM [format_table_name("poll_textreply")] WHERE pollid = [pollid] AND ckey = '[ckey]'")
 			if(!query_text_get_votes.warn_execute())
+				qdel(query_text_get_votes)
 				return
 			var/vote_text = ""
 			if(query_text_get_votes.NextRow())
 				vote_text = query_text_get_votes.item[1]
+			qdel(query_text_get_votes)
 			var/output = "<div align='center'><B>Player poll</B><hr>"
 			output += "<b>Question: [pollquestion]</b><br>"
 			output += "<font size='2'>Feedback gathering runs from <b>[pollstarttime]</b> until <b>[pollendtime]</b></font><p>"
@@ -113,6 +125,7 @@
 		if(POLLTYPE_RATING)
 			var/datum/DBQuery/query_rating_get_votes = SSdbcore.NewQuery("SELECT o.text, v.rating FROM [format_table_name("poll_option")] o, [format_table_name("poll_vote")] v WHERE o.pollid = [pollid] AND v.ckey = '[ckey]' AND o.id = v.optionid")
 			if(!query_rating_get_votes.warn_execute())
+				qdel(query_rating_get_votes)
 				return
 			var/output = "<div align='center'><B>Player poll</B><hr>"
 			output += "<b>Question: [pollquestion]</b><br>"
@@ -122,6 +135,7 @@
 				var/optiontext = query_rating_get_votes.item[1]
 				rating = query_rating_get_votes.item[2]
 				output += "<br><b>[optiontext] - [rating]</b>"
+			qdel(query_rating_get_votes)
 			if(!rating)
 				output += "<form name='cardcomp' action='?src=[REF(src)]' method='get'>"
 				output += "<input type='hidden' name='src' value='[REF(src)]'>"
@@ -131,6 +145,7 @@
 				var/maxid = 0
 				var/datum/DBQuery/query_rating_options = SSdbcore.NewQuery("SELECT id, text, minval, maxval, descmin, descmid, descmax FROM [format_table_name("poll_option")] WHERE pollid = [pollid]")
 				if(!query_rating_options.warn_execute())
+					qdel(query_rating_options)
 					return
 				while(query_rating_options.NextRow())
 					var/optionid = text2num(query_rating_options.item[1])
@@ -157,23 +172,28 @@
 						else
 							output += "<option value='[j]'>[j]</option>"
 					output += "</select>"
+				qdel(query_rating_options)
 				output += "<input type='hidden' name='minid' value='[minid]'>"
 				output += "<input type='hidden' name='maxid' value='[maxid]'>"
 				output += "<p><input type='submit' value='Submit'></form>"
+			if(!QDELETED(src))
 				src << browse(null ,"window=playerpolllist")
 				src << browse(output,"window=playerpoll;size=500x500")
 		if(POLLTYPE_MULTI)
 			var/datum/DBQuery/query_multi_get_votes = SSdbcore.NewQuery("SELECT optionid FROM [format_table_name("poll_vote")] WHERE pollid = [pollid] AND ckey = '[ckey]'")
 			if(!query_multi_get_votes.warn_execute())
+				qdel(query_multi_get_votes)
 				return
 			var/list/votedfor = list()
 			while(query_multi_get_votes.NextRow())
 				votedfor.Add(text2num(query_multi_get_votes.item[1]))
+			qdel(query_multi_get_votes)
 			var/list/datum/polloption/options = list()
 			var/maxoptionid = 0
 			var/minoptionid = 0
 			var/datum/DBQuery/query_multi_options = SSdbcore.NewQuery("SELECT id, text FROM [format_table_name("poll_option")] WHERE pollid = [pollid]")
 			if(!query_multi_options.warn_execute())
+				qdel(query_multi_options)
 				return
 			while(query_multi_options.NextRow())
 				var/datum/polloption/PO = new()
@@ -184,6 +204,7 @@
 				if(PO.optionid < minoptionid || !minoptionid)
 					minoptionid = PO.optionid
 				options += PO
+			qdel(query_multi_options)
 			var/output = "<div align='center'><B>Player poll</B><hr>"
 			output += "<b>Question: [pollquestion]</b><br>You can select up to [multiplechoiceoptions] options. If you select more, the first [multiplechoiceoptions] will be saved.<br>"
 			output += "<font size='2'>Poll runs from <b>[pollstarttime]</b> until <b>[pollendtime]</b></font><p>"
@@ -216,22 +237,26 @@
 
 			var/datum/DBQuery/query_irv_get_votes = SSdbcore.NewQuery("SELECT optionid FROM [format_table_name("poll_vote")] WHERE pollid = [pollid] AND ckey = '[ckey]'")
 			if(!query_irv_get_votes.warn_execute())
+				qdel(query_irv_get_votes)
 				return
 
 			var/list/votedfor = list()
 			while(query_irv_get_votes.NextRow())
 				votedfor.Add(text2num(query_irv_get_votes.item[1]))
+			qdel(query_irv_get_votes)
 
 			var/list/datum/polloption/options = list()
 
 			var/datum/DBQuery/query_irv_options = SSdbcore.NewQuery("SELECT id, text FROM [format_table_name("poll_option")] WHERE pollid = [pollid]")
 			if(!query_irv_options.warn_execute())
+				qdel(query_irv_options)
 				return
 			while(query_irv_options.NextRow())
 				var/datum/polloption/PO = new()
 				PO.optionid = text2num(query_irv_options.item[1])
 				PO.optiontext = query_irv_options.item[2]
 				options["[PO.optionid]"] += PO
+			qdel(query_irv_options)
 
 			//if they already voted, use their sort
 			if (votedfor.len)
@@ -332,10 +357,13 @@
 		return
 	var/datum/DBQuery/query_hasvoted = SSdbcore.NewQuery("SELECT id FROM `[format_table_name(table)]` WHERE pollid = [pollid] AND ckey = '[ckey]'")
 	if(!query_hasvoted.warn_execute())
+		qdel(query_hasvoted)
 		return
 	if(query_hasvoted.NextRow())
+		qdel(query_hasvoted)
 		to_chat(usr, "<span class='danger'>You've already replied to this poll.</span>")
 		return
+	qdel(query_hasvoted)
 	. = "Player"
 	if(client.holder)
 		. = client.holder.rank.name
@@ -364,9 +392,12 @@
 	//validate the poll is actually the right type of poll and its still active
 	var/datum/DBQuery/query_validate_poll = SSdbcore.NewQuery("SELECT id FROM [format_table_name("poll_question")] WHERE id = [pollid] AND Now() BETWEEN starttime AND endtime AND polltype = '[type]' [(holder ? "" : "AND adminonly = false")]")
 	if(!query_validate_poll.warn_execute())
+		qdel(query_validate_poll)
 		return 0
 	if (!query_validate_poll.NextRow())
+		qdel(query_validate_poll)
 		return 0
+	qdel(query_validate_poll)
 	return 1
 
 /mob/dead/new_player/proc/vote_on_irv_poll(pollid, list/votelist)
@@ -397,10 +428,12 @@
 	//lets collect the options
 	var/datum/DBQuery/query_irv_id = SSdbcore.NewQuery("SELECT id FROM [format_table_name("poll_option")] WHERE pollid = [pollid]")
 	if(!query_irv_id.warn_execute())
+		qdel(query_irv_id)
 		return 0
 	var/list/optionlist = list()
 	while (query_irv_id.NextRow())
 		optionlist += text2num(query_irv_id.item[1])
+	qdel(query_irv_id)
 
 	//validate their votes are actually in the list of options and actually numbers
 	var/list/numberedvotelist = list()
@@ -428,12 +461,17 @@
 	//now lets delete their old votes (if any)
 	var/datum/DBQuery/query_irv_del_old = SSdbcore.NewQuery("DELETE FROM [format_table_name("poll_vote")] WHERE pollid = [pollid] AND ckey = '[ckey]'")
 	if(!query_irv_del_old.warn_execute())
+		qdel(query_irv_del_old)
 		return 0
+	qdel(query_irv_del_old)
 
 	//now to add the new ones.
 	var/datum/DBQuery/query_irv_vote = SSdbcore.NewQuery("INSERT INTO [format_table_name("poll_vote")] (datetime, pollid, optionid, ckey, ip, adminrank) VALUES [sqlrowlist]")
 	if(!query_irv_vote.warn_execute())
+		qdel(query_irv_vote)
 		return 0
+	qdel(query_irv_vote)
+	if(!QDELETED(src))
 		src << browse(null,"window=playerpoll")
 	return 1
 
@@ -454,7 +492,10 @@
 		return
 	var/datum/DBQuery/query_option_vote = SSdbcore.NewQuery("INSERT INTO [format_table_name("poll_vote")] (datetime, pollid, optionid, ckey, ip, adminrank) VALUES (Now(), [pollid], [optionid], '[ckey]', INET_ATON('[client.address]'), '[adminrank]')")
 	if(!query_option_vote.warn_execute())
+		qdel(query_option_vote)
 		return
+	qdel(query_option_vote)
+	if(!QDELETED(usr))
 		usr << browse(null,"window=playerpoll")
 	return 1
 
@@ -481,7 +522,10 @@
 		return
 	var/datum/DBQuery/query_text_vote = SSdbcore.NewQuery("INSERT INTO [format_table_name("poll_textreply")] (datetime ,pollid ,ckey ,ip ,replytext ,adminrank) VALUES (Now(), [pollid], '[ckey]', INET_ATON('[client.address]'), '[replytext]', '[adminrank]')")
 	if(!query_text_vote.warn_execute())
+		qdel(query_text_vote)
 		return
+	qdel(query_text_vote)
+	if(!QDELETED(usr))
 		usr << browse(null,"window=playerpoll")
 	return 1
 
@@ -498,17 +542,23 @@
 		return 0
 	var/datum/DBQuery/query_numval_hasvoted = SSdbcore.NewQuery("SELECT id FROM [format_table_name("poll_vote")] WHERE optionid = [optionid] AND ckey = '[ckey]'")
 	if(!query_numval_hasvoted.warn_execute())
+		qdel(query_numval_hasvoted)
 		return
 	if(query_numval_hasvoted.NextRow())
+		qdel(query_numval_hasvoted)
 		to_chat(usr, "<span class='danger'>You've already replied to this poll.</span>")
 		return
+	qdel(query_numval_hasvoted)
 	var/adminrank = "Player"
 	if(client.holder)
 		adminrank = client.holder.rank.name
 	adminrank = sanitizeSQL(adminrank)
 	var/datum/DBQuery/query_numval_vote = SSdbcore.NewQuery("INSERT INTO [format_table_name("poll_vote")] (datetime ,pollid ,optionid ,ckey ,ip ,adminrank, rating) VALUES (Now(), [pollid], [optionid], '[ckey]', INET_ATON('[client.address]'), '[adminrank]', [(isnull(rating)) ? "null" : rating])")
 	if(!query_numval_vote.warn_execute())
+		qdel(query_numval_vote)
 		return
+	qdel(query_numval_vote)
+	if(!QDELETED(usr))
 		usr << browse(null,"window=playerpoll")
 	return 1
 
@@ -525,26 +575,33 @@
 		return 0
 	var/datum/DBQuery/query_multi_choicelen = SSdbcore.NewQuery("SELECT multiplechoiceoptions FROM [format_table_name("poll_question")] WHERE id = [pollid]")
 	if(!query_multi_choicelen.warn_execute())
+		qdel(query_multi_choicelen)
 		return 1
 	var/i
 	if(query_multi_choicelen.NextRow())
 		i = text2num(query_multi_choicelen.item[1])	
+	qdel(query_multi_choicelen)
 	var/datum/DBQuery/query_multi_hasvoted = SSdbcore.NewQuery("SELECT id FROM [format_table_name("poll_vote")] WHERE pollid = [pollid] AND ckey = '[ckey]'")
 	if(!query_multi_hasvoted.warn_execute())
+		qdel(query_multi_hasvoted)
 		return 1
 	while(i)
 		if(query_multi_hasvoted.NextRow())
 			i--
 		else
 			break
+	qdel(query_multi_hasvoted)
 	if(!i)
 		return 2
 	var/adminrank = "Player"
-	if(client.holder)
+	if(!QDELETED(client) && client.holder)
 		adminrank = client.holder.rank.name
 	adminrank = sanitizeSQL(adminrank)
 	var/datum/DBQuery/query_multi_vote = SSdbcore.NewQuery("INSERT INTO [format_table_name("poll_vote")] (datetime, pollid, optionid, ckey, ip, adminrank) VALUES (Now(), [pollid], [optionid], '[ckey]', INET_ATON('[client.address]'), '[adminrank]')")
 	if(!query_multi_vote.warn_execute())
+		qdel(query_multi_vote)
 		return 1
+	qdel(query_multi_vote)
+	if(!QDELETED(usr))
 		usr << browse(null,"window=playerpoll")
 	return 0

code/modules/mob/living/brain/posibrain.dm

@@ -85,7 +85,7 @@ GLOBAL_VAR(posibrain_notify_cooldown)
 /obj/item/mmi/posibrain/proc/activate(mob/user)
 	if(QDELETED(brainmob))
 		return
-	if(is_occupied() || jobban_isbanned(user,"posibrain"))
+	if(is_occupied() || jobban_isbanned(user,"posibrain") || QDELETED(brainmob) || QDELETED(src) || QDELETED(user))
 		return
 
 	var/posi_ask = alert("Become a [name]? (Warning, You can no longer be cloned, and all past lives will be forgotten!)","Are you positive?","Yes","No")

code/modules/mob/living/emote.dm

@@ -412,6 +412,8 @@
 	if(jobban_isbanned(user, "emote"))
 		to_chat(user, "You cannot send custom emotes (banned).")
 		return FALSE
+	else if(QDELETED(user))
+		return FALSE
 	else if(user.client && user.client.prefs.muted & MUTE_IC)
 		to_chat(user, "You cannot send IC messages (muted).")
 		return FALSE

code/modules/mob/living/simple_animal/friendly/drone/drones_as_items.dm

@@ -41,7 +41,7 @@
 
 //ATTACK GHOST IGNORING PARENT RETURN VALUE
 /obj/item/drone_shell/attack_ghost(mob/user)
-	if(jobban_isbanned(user,"drone"))
+	if(jobban_isbanned(user,"drone") || QDELETED(src) || QDELETED(user))
 		return
 	if(CONFIG_GET(flag/use_age_restriction_for_jobs))
 		if(!isnum(user.client.player_age)) //apparently what happens when there's no DB connected. just don't let anybody be a drone without admin intervention

code/modules/mob/say.dm

@@ -56,10 +56,16 @@
 		to_chat(usr, "<span class='danger'>Speech is currently admin-disabled.</span>")
 		return
 
-	if(jobban_isbanned(src, "OOC"))
+	var/jb = jobban_isbanned(src, "OOC")
+	if(QDELETED(src))
+		return
+
+	if(jb)
 		to_chat(src, "<span class='danger'>You have been banned from deadchat.</span>")
 		return
 	
+
+
 	if (src.client)
 		if(src.client.prefs.muted & MUTE_DEADCHAT)
 			to_chat(src, "<span class='danger'>You cannot talk in deadchat (muted).</span>")

code/modules/research/xenobiology/xenobiology.dm

@@ -725,7 +725,11 @@
 	if(SM.sentience_type != animal_type)
 		to_chat(user, "<span class='warning'>You cannot transfer your consciousness to [SM].</span>" )
 		return ..()
-	if(jobban_isbanned(user, ROLE_ALIEN)) //ideally sentience and trasnference potions should be their own unique role.
+	var/jb = jobban_isbanned(user, ROLE_ALIEN)
+	if(QDELETED(src) || QDELETED(M) || QDELETED(user))
+		return
+
+	if(jb) //ideally sentience and trasnference potions should be their own unique role.
 		to_chat(user, "<span class='warning'>Your mind goes blank as you attempt to use the potion.</span>")
 		return
 

code/modules/shuttle/emergency.dm

@@ -263,6 +263,14 @@
 
 	return has_people
 
+/obj/docking_port/mobile/emergency/proc/ShuttleDBStuff()
+	set waitfor = FALSE
+	if(!SSdbcore.Connect())
+		return
+	var/datum/DBQuery/query_round_shuttle_name = SSdbcore.NewQuery("UPDATE [format_table_name("round")] SET shuttle_name = '[name]' WHERE id = [GLOB.round_id]")
+	query_round_shuttle_name.Execute()
+	qdel(query_round_shuttle_name)
+
 /obj/docking_port/mobile/emergency/check()
 	if(!timer)
 		return
@@ -293,9 +301,7 @@
 				setTimer(SSshuttle.emergencyDockTime)
 				send2irc("Server", "The Emergency Shuttle has docked with the station.")
 				priority_announce("The Emergency Shuttle has docked with the station. You have [timeLeft(600)] minutes to board the Emergency Shuttle.", null, 'sound/ai/shuttledock.ogg', "Priority")
-				if(SSdbcore.Connect())
+				ShuttleDBStuff()
-					var/datum/DBQuery/query_round_shuttle_name = SSdbcore.NewQuery("UPDATE [format_table_name("round")] SET shuttle_name = '[name]' WHERE id = [GLOB.round_id]")
-					query_round_shuttle_name.Execute()
 
 
 		if(SHUTTLE_DOCKED)