SA-MP Forums Archive
MySQL R7 question - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: MySQL R7 question (/showthread.php?tid=436357)


MySQL R7 question - dusk - 11.05.2013

Can I get the numer of rows in the same function with R7?

Why I need it? I have a function to check if an item exists in my DB, but how can i return something from it when it calls another function!



EDIT: few more questions related to MySQL:
1. Is it okay to create a function to update a field in MySQL, something like:
pawn Код:
stock UpdateField(playerid,fieldname[]) {
format(query,sizeof(query),"UPDATE db SET '%s' = something",fieldname);
2.When and for what reason should "mysql_real_escape_string" be used?

Re: MySQL R7 question - dusk - 12.05.2013

bump

Re: MySQL R7 question - Vince - 12.05.2013

I'm afraid I do not really understand your first question. You can write a constraint in the form of
PHP код:
INSERT INTO table (string1string2numberVALUES ('foo''bar'42ON DUPLICATE KEY UPDATE number 43
Not sure if that's what you want.

Second question; yes you may write something like that but it won't be very efficient if you're going to update multiple values at a time.

Third question; mysql_real_escape_string should be used for any and all user input. http://en.wikipedia.org/wiki/SQL_injection

Re: MySQL R7 question - dusk - 12.05.2013

For the first question ill try to explain in examples:
So somewhere i have this:
pawn Код:
if(ExistsInMysql("Just some string")) { do something
And that function:
pawn Код:
stock ExistsInMysql(something[]) {
new query[50];
format(query,sizeof(query),"SELECT * FROM  Users WHERE Username='%s'",something);
mysql_function_query(db,query,true,"Loading","d",playerid);
}
forward Loading(playerid);
public Loading(playerid)
{ 
new rows,fields;
cache_get_data(rows,fields);
if(rows>0) // return something to the "if(Exists()" part
I hope you understand better. I want to return the result of "Loading" to where "stock ExistsInMysql(something[])" was called


Second question: thanks! Thats the thing i always send the full query with all the stats,even if i needed to update 1-2fields.


Third Question: but how do i use mysql_real_escape_string in samp? I dont understand WHAT do i have to escape.
pawn Код:
format(query,sizeof(query),"SELECT * FROM users WHERE useraname='%s' AND password='%s'",name,pass);
mysql_real_escape_string(name,name);
mysql_real_escape_string(pass,pass);
Is that valid? And it only need to be done for strings?

Re: MySQL R7 question - Vince - 12.05.2013

Ah well, I'm afraid this isn't possible anymore with the threaded queries. You're going to have to move everything to a separate callback.

As for the escaping, that needs to be done before the data is inserted into the query. Doesn't make much sense otherwise. And it just needs to be done where user input is expected. If you have methods to filter numbers (sscanf, strval) then it isn't necessary to escape those.

Re: MySQL R7 question - dusk - 12.05.2013

Thats bad news....What do you mean move everything to a separate callback?

Okay, i understand now!