25.01.2019, 09:39
This is the command:
This is the dialog:
And this is anti server(sql injection) crash:
Okay, when i click on case 3(that with blocked / he don't see anything) i get "Anti SQL Injection", what's wrong with my script? If i click on case 4(that with player wants to make a deal) it's okay, he works.
HTML Code:
CMD:report(playerid, params[]) { if(PlayerInfo[playerid][pHelper] > 0 || PlayerInfo[playerid][pAdmin] > 0) return SCM(playerid, -1, "You're part of staff you can't use this command."); if(HaveReport[playerid] == 1) return SCM(playerid, -1, "You already have an report sent to admins, wait for an answer."); ShowPlayerDialog(playerid, DIALOG_REPORT, DIALOG_STYLE_LIST, "Report System", "Report DM\nReport a cheater\nQuestion about donations\nI'm blocked / I don't see anything\nI want to make a deal, i need a staf member\nAnother Problem", "Select", "Cancel"); return 1; }
HTML Code:
case DIALOG_REPORT: { if(!response) return 1; switch(listitem) { //Report DM(1)\nReport a cheater(2)\nQuestion about donations(3)\nI'm blocked / I don't see anything(4)\nI want to make a deal, i need a staf member(5)\nAnother Problem(6) case 0: ShowPlayerDialog(playerid, DIALOG_REPORT+1, DIALOG_STYLE_INPUT, "Report DM", "Type the playerid of the\nplayer that makes the DM.", "Ok", "Cancel"); case 1: ShowPlayerDialog(playerid, DIALOG_REPORT+2, DIALOG_STYLE_INPUT, "Report a cheater", "Type the playerid of the\nplayer who uses cheats.", "Ok", "Cancel"); case 2: ShowPlayerDialog(playerid, DIALOG_INFO, DIALOG_STYLE_MSGBOX, "About Donations", "In work!", "Ok", ""); case 3: { new string[84]; format(string, sizeof(string), "{FF0000}Report: %s (id: %d) is blocked / he don't see anything.", GetName(playerid), playerid); StaffBroadCast(-1, string); HaveReport[playerid] = 1; ReportType[playerid] = 4; if(!Iter_Contains(Reports, playerid)) Iter_Add(Reports, playerid); } case 4: { new string[93]; format(string, sizeof(string), "{FF0000}Report: %s (id: %d) wants to make a deal, he need a staf member.", GetName(playerid), playerid); StaffBroadCast(-1, string); HaveReport[playerid] = 1; ReportType[playerid] = 5; if(!Iter_Contains(Reports, playerid)) Iter_Add(Reports, playerid); } case 5: ShowPlayerDialog(playerid, DIALOG_REPORT+3, DIALOG_STYLE_INPUT, "Another Problem", "Type the problem and describe it.", "Ok", "Cancel"); } }
HTML Code:
if(strlen(inputtext) >= 1) { if(strfind(inputtext, "%", true) != -1 || strfind(inputtext, "`", true) != -1 || strfind(inputtext, "'", true) != -1) return SCM(playerid, COLOR_DARKRED, "Anti SQL Injection!"); }