Where to use mysql_real_escape_string -
amit133 - 24.06.2013
Hello,
I started to change my mode to using MySQL .
But I don't understand where to use the func - mysql_real_escape_string
Everytime when player text(onplayertext,dialogs,onplayercommandtext)
Or only when we take a input to mysql from the player?
Re: Where to use mysql_real_escape_string -
rappy93 - 24.06.2013
Well...whenever I want to store some player data in my mysql I use the "INSERT INTO" function...I'm more accustomed to it as for that function I am not really sure where to use it.
Re: Where to use mysql_real_escape_string -
iJumbo - 24.06.2013
mysql_real_escape_string is a function for avoid SQL injection
http://it.wikipedia.org/wiki/SQL_injection
You have to use it when a player input a text directly to a query
EXAMPLE:
pawn Code:
new escapedtext[128];
mysql_real_escape_string(inputfromplayer, escapedtext);
myquerywithformat("INSERT INTO something (yea) VALUES('%s')",escapedtext);
Re: Where to use mysql_real_escape_string -
PaulDinam - 24.06.2013
Usefull stock:
instead of typing mysql_real_escape_string all the time
pawn Code:
stock EscapeString(const string[])
{
new escpass[128];
mysql_real_escape_string(string, escpass);
return escpass;
}
Re: Where to use mysql_real_escape_string -
Vince - 24.06.2013
Just like people who use SCM for SendClientMessage. Just type it out already.
Re: Where to use mysql_real_escape_string -
iJumbo - 24.06.2013
Actually write SendClientMessage is more faster than SCM, the S and C are to close, and my fingers are like "aaargh"
Re: Where to use mysql_real_escape_string -
amit133 - 24.06.2013
So InPlayerText I don;t need to put this?
cuz in wiki samp theri example are in OnPlayerText
Re: Where to use mysql_real_escape_string -
iJumbo - 24.06.2013
If you send a query with the player text yea you do