28.01.2018, 20:20
Код:
mysql_escape_string(inputtext, lPassword, DB_Connect);
A line with tag mismatch
28.01.2018, 20:21
I think it should go like this, Sorry if i did it wrong.
Код:
mysql_escape_string(DB_Connect, lPassword, inputtext);
28.01.2018, 20:26
Quote:
|
Originally Posted by Hunud
 I think it should go like this, Sorry if i did it wrong.
Код:
mysql_escape_string(DB_Connect, lPassword, inputtext); |
28.01.2018, 20:28
Quote:
|
Originally Posted by Hunud
I think it should go like this, Sorry if i did it wrong.
Код:
mysql_escape_string(DB_Connect, lPassword, inputtext); |
Код:
mysql_escape_string(const source[], desstination[], max len = sizeof(destination), MYSQL:handle = MYSQL_DEFAULT_HANDLE);
28.01.2018, 20:38
Quote:
|
Originally Posted by edyun
What are you trying to escape?
|
Код:
public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[])
{
if(dialogid == DIALOG_REGISTER)
{
new rPassword[24], liYear, liMonth, liDay, rQuery[4096], sStr[500], sStr2[500];
//------------------------------------------------------------------
if(!response)
{
Kick(playerid);
}
if(sscanf(inputtext, "s[24]", rPassword)) return ShowPlayerDialog(playerid, DIALOG_REGISTER, DIALOG_STYLE_PASSWORD, "EROARE", "{00FF00}Scrie parola pe care ti-o doresti,\n{FFFF00}Aceasta parola trebuie sa fie intre {FF0000}6-24{FFFF00} caractere!", "Inregistrare", "Iesire");
if(strlen(rPassword) < 6 || strlen(rPassword) > 24) return ShowPlayerDialog(playerid, DIALOG_REGISTER, DIALOG_STYLE_PASSWORD, "EROARE", "{00FF00}Scrie parola pe care ti-o doresti,\n{FFFF00}Aceasta parola trebuie sa fie intre {FF0000}6-24{FFFF00} caractere!", "Inregistrare", "");
//------------------------------------------------------------------
if(strfind(rPassword, "'", true) != -1) return ShowPlayerDialog(playerid, DIALOG_REGISTER, DIALOG_STYLE_PASSWORD, "EROARE", "{00FF00}Aceasta parola nu poate contine simboluri: {FF0000}('){FFFF00}!", "Inregistrare", "");
//------------------------------------------------------------------
getdate(liYear, liMonth, liDay); ResetPlayerMoney(playerid), GivePlayerMoney(playerid, 25000), SetPlayerScore(playerid, 1);
//------------------------------------------------------------------
//MySQL INSERT
new stringip[30];
GetPlayerIp(playerid, stringip, 30);
//------------------------------------------------------------------
format(rQuery, 4096, "INSERT INTO `Accounts` (`ID`, `Name`, `Password`, `IP`, `RegisterDate`, `Level`, `Exp`, `Cash`, `Score`, `Weapon1`, `Weapon2`, `Weapon3`, `Weapon4`, `Weapon5`, `Weapon6`, `Weapon7`, `Weapon8`, `Weapon9`, `Weapon10`, `Weapon11`, `Weapon12`, \
`Kills`, `Deaths`, `Hours`, `Minutes`, `KillingSpree`, `Skin`, `House`, `Biz`, `Admin`, `HP`, `Armour`, `Wanted`");
//------------------------------------------------------------------
format(rQuery, 4096, "%s `Warns`, `TeamID`, `TeamKills`, `TeamDeaths`, `TeamRank`, `Wanted`, `Car`,\
`TeamName`, `Warns`, `PremiumPoints`)", rQuery);
//------------------------------------------------------------------
format(rQuery, 4096, "%s VALUES (0, '%s', '%s', '%s', '%s', '%02d/%02d/%02d', 1, \
'0', '25000', '1', '0', '0', '0', '0', '0', '0', '0', '0', '0', ' ', '0', '0')", rQuery, GetName(playerid), rPassword, stringip, liDay, liMonth, liYear, liDay, liMonth, liYear, GetPlayerSkin(playerid));
//------------------------------------------------------------------
mysql_tquery(DB_Connect, rQuery, "OnAccountCreated", "i", playerid);
//------------------------------------------------------------------
format(sStr2, sizeof(sStr2), "{00FF00}Salut {FF0000}%s{00FF00}!\n", GetName(playerid));
strcat(sStr, sStr2, sizeof(sStr));
strcat(sStr, "{00FF00}Ai Fost Inregistrat la TeamBattleRomania\n", sizeof(sStr));
format(sStr2, sizeof(sStr2), "{00FF00}Tine minte! Cand te loghezi te poti inregistra co parola: {FF0000}%s{00FF00}!\n\n", rPassword);
strcat(sStr, sStr2, sizeof(sStr));
strcat(sStr, "{FFFF00}Pentru mai multe informatii apasa pe butonul: {FF0000}Ajutor{FFFF00}.\n", sizeof(sStr));
//----------------------------------------------------------
return ShowPlayerDialog(playerid, DIALOG_AREGISTER, DIALOG_STYLE_MSGBOX, "Inregistrare Reusita!", sStr, "Inchide", "Ajutor");
}
if(dialogid == DIALOG_LOGIN)
{
if(!response) Kick(playerid);
eString[128] = EOS;
new lPassword[25], Query[512];
//------------------------------------------------------------------
if(sscanf(inputtext, "s[25]", lPassword))
{
format(eString, sizeof(eString), "{00FF00}Bun venit inapoi: {FF0000}%s{00FF00}!\n\
{FFFF00}Te rog inregistreaza-te pentru a continua!",GetName(playerid));
//--------------------------------------------------------------
ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD, "Logare", eString, "Logare", "Iesire");
}
if(strlen(inputtext) < 3 || strlen(inputtext) > 24) return
ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD, "Logare", "{00FF00}Te rog,scrie-ti parola", "Logare", "Iesire");
//------------------------------------------------------------------
if(strfind(inputtext, "'", true) != -1) return
ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD, "Logare", "{00FF00}Trebuie sa-ti scrii parola pentru a continua!\n{FFFF00}Nu poti scrie vre-o parola cu vre-un simbol!", "Logare", "Iesire");
//------------------------------------------------------------------
else
{
mysql_escape_string(DB_Connect, lPassword, inputtext);
//--------------------------------------------------------------
format(Query, sizeof(Query), "SELECT * FROM `Accounts` WHERE `Name` = '%s' AND `Password` = '%s'", GetName(playerid), lPassword);
mysql_tquery(DB_Connect, Query, "LoadPlayerData", "is", playerid, GetName(playerid));
//--------------------------------------------------------------
}
}
return 1;
}
29.01.2018, 10:47
First of all, you should check out the documentation for the function here: https://sampwiki.blast.hk/wiki/MySQL/R33..._escape_string
It states this:
In your case, I suggest you try this:
It states this:
In your case, I suggest you try this:
PHP код:
mysql_escape_string(inputtext, lPassword);
« Next Oldest | Next Newest »
Users browsing this thread: 1 Guest(s)