MySQL /register - Printable Version
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+---- Forum: Help Archive (https://sampforum.blast.hk/forumdisplay.php?fid=89)
+---- Thread: MySQL /register (/showthread.php?tid=204689)
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+---- Forum: Help Archive (https://sampforum.blast.hk/forumdisplay.php?fid=89)
+---- Thread: MySQL /register (/showthread.php?tid=204689)
MySQL /register - aircombat - 30.12.2010
I made a lil /register command based on mysql system , it was working fine but suddenly now when someone /register lol , what shows in the database is "username : ol" password : "lol" so any ideas how to fix it :S?
Код:
dcmd_register(playerid, params[])
{
new pName[MAX_PLAYER_NAME];
GetPlayerName(playerid,pName,MAX_PLAYER_NAME);
new password;
new Query[128];
format(Query, sizeof(Query), "SELECT * FROM `users` WHERE `username` = '%s'",pName);
mysql_query(Query);
mysql_store_result();
if(mysql_num_rows()) return SendClientMessage(playerid,COLOR_TEST,"This Account Is Already Registered");
else if(sscanf(params,"s",password)) return SendClientMessage(playerid,COLOR_TEST,"Usage: /register [Password]");
else
{
new query[128],string[128];
format(query, sizeof(query), "INSERT INTO `users` (`username`, `password`, `score`, `money`) VALUES ('%s', '%s', '%s', '%s')", pName, password,GetPlayerScore(playerid),GetPlayerMoney(playerid));
mysql_query(query);
format(string,128,"You're Now Registered , Password: %s , Now Please /Login",password);
SendClientMessage(playerid,COLOR_TEST,string);
SetPVarInt(playerid,"Registered",1);
}
return 1;
}
Re: MySQL /register - MadeMan - 30.12.2010
pawn Код:
new password[64];
pawn Код:
format(query, sizeof(query), "INSERT INTO `users` (`username`, `password`, `score`, `money`) VALUES ('%s', '%s', '%d', '%d')", pName, password,GetPlayerScore(playerid),GetPlayerMoney(playerid));
Re: MySQL /register - _rAped - 30.12.2010
Auch. Unless you don't want your database deleted/abused use mysql_real_escape_string().
Re: MySQL /register - aircombat - 30.12.2010
i am actually new to mysql but what mysql_real_escape_string() for and how to use it??
Re: MySQL /register - Calgon - 30.12.2010
Quote:
|
Originally Posted by aircombat
 i am actually new to mysql but what mysql_real_escape_string() for and how to use it??
|