Mysql \ register..? - Printable Version

Mysql \ register..? - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: Mysql \ register..? (/showthread.php?tid=586046)

Mysql \ register..? - Metharon - 18.08.2015

[23:04:35] [ERROR] CMySQLQuery::Execute[OnAccountRegister] - (error #1064) You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''6789\', 0)' at line 1

How can i fix this .. ? i think is because of the ' / '

Re: Mysql \ register..? - xVIP3Rx - 18.08.2015

Probably yeah, show me the query..

Re: Mysql \ register..? - Metharon - 18.08.2015

pawn Код:

mysql_format(mysql, query, sizeof(query), "INSERT INTO `players` ( `Name`, `Password`, `Tutorial`) VALUES ('%s', '%s', 0)", GetName(playerid), inputtext);
                mysql_tquery(mysql, query, "OnAccountRegister", "i", playerid);

Re: Mysql \ register..? - Vince - 18.08.2015

Never, ever put raw user input into a query.

Besides, you should or rather MUST hash passwords, anyway.

Re: Mysql \ register..? - xVIP3Rx - 18.08.2015

Quote:

Originally Posted by Vince

Lol

A question though, What if the user forgot his password and wants it back ? are there any functions to restore the password from the hashed string ( SHA1 Specially )?

Re: Mysql \ register..? - Vince - 18.08.2015

No. That's the point. That's also the reason websites send you a new random password in case you forget it. If a website sends your password back to you in plain text then you really ought to stop using that website. Would you feel comfortable knowing that anyone that accesses the database (including staff and hackers) could read every user's password, in plain text, just like that? I sure as hell wouldn't.