SA-MP Forums Archive
Error in sql syntax - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: Error in sql syntax (/showthread.php?tid=638589)


Error in sql syntax - DusanInfinity - 03.08.2017

Log:
Код:
[08/02/17 16:27:57] [ERROR] error #1064 while executing query "INSERT INTO `users` (`PlName`, `PassWrd`, `Level`) VALUES ('John', 'passwd\', '1')": You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1'' at line 1
It's happening only when player enters "\" in the end of PassWrd only and it insert everything fine except PassWrd - in that field it doesnt insert "\" at the end!

But, when player enter PassWrd like this: "test/test" there is no errors in the log!

Re: Error in sql syntax - Vince - 03.08.2017

Don't store passwords in plain text and learn to sanitize your user inputs.

https://www.youtube.com/watch?v=8ZtInClXe1Q

Re: Error in sql syntax - ISmokezU - 03.08.2017

Try using a strfind.

Re: Error in sql syntax - Xeon™ - 03.08.2017

Quote:
Originally Posted by DusanInfinity
Посмотреть сообщение
Log:
Код:
[08/02/17 16:27:57] [ERROR] error #1064 while executing query "INSERT INTO `users` (`PlName`, `PassWrd`, `Level`) VALUES ('John', 'passwd\', '1')": You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1'' at line 1
It's happening only when player enters "\" in the end of PassWrd only and it insert everything fine except PassWrd - in that field it doesnt insert "\" at the end!

But, when player enter PassWrd like this: "test/test" there is no errors in the log!
\ is returning to line on pawno. mean by that uncoding of pawn isn't 'passwd\' as its show.