Mysql protection ? - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: Mysql protection ? (/showthread.php?tid=491390)

---

Mysql protection ? - anou1 - 30.01.2014

Hi everybody,


I wanted to know what should I do to protect my server if I'm using a mysql database. What type of protection ?

That's all, thank you !

---

Re: Mysql protection ? - anou1 - 01.02.2014

BUMP

---

Re: Mysql protection ? - CuervO - 01.02.2014

Apart from a secure host, with a secure firewall and a secure password there's not many things you can do about external security. I am not an expert in security so I can't really tell;

About script security make sure you escape any string that the a player may send into a query or you may suffer SQL injections which can crash your server or DB.

---

Re: Mysql protection ? - anou1 - 01.02.2014

How can I do please ?

Thank you

---

Re: Mysql protection ? - CuervO - 01.02.2014

On blueg's plugin:

https://sampwiki.blast.hk/wiki/MySQL/R33..._escape_string

---

Re: Mysql protection ? - anou1 - 01.02.2014

Thank you, but I don't understand what have I to do ?

For exemple for a register system, when I have to save the player password, I should use this ?


If I use "mysql_format" Is that secure ?

---

Re: Mysql protection ? - Konstantinos - 01.02.2014

Use mysql_format everytime you pass a string as an argument in a query.

---

Re: Mysql protection ? - anou1 - 01.02.2014

Thank you !

So that will protect me of any sql injection in game ?

---