[amit133]

Hello,
I started to change my mode to using MySQL .
But I don't understand where to use the func - mysql_real_escape_string
Everytime when player text(onplayertext,dialogs,onplayercommandtext)
Or only when we take a input to mysql from the player?

[rappy93]

Well...whenever I want to store some player data in my mysql I use the "INSERT INTO" function...I'm more accustomed to it as for that function I am not really sure where to use it.

[iJumbo]

mysql_real_escape_string is a function for avoid SQL injection http://it.wikipedia.org/wiki/SQL_injection

You have to use it when a player input a text directly to a query

EXAMPLE:

pawn Code:

new escapedtext[128];
mysql_real_escape_string(inputfromplayer, escapedtext);
myquerywithformat("INSERT INTO something (yea) VALUES('%s')",escapedtext);

[PaulDinam]

Usefull stock:
instead of typing mysql_real_escape_string all the time

pawn Code:

stock EscapeString(const string[])
{
    new escpass[128];
    mysql_real_escape_string(string, escpass);
    return escpass;
}

[Vince]

Just like people who use SCM for SendClientMessage. Just type it out already.

[iJumbo]

Actually write SendClientMessage is more faster than SCM, the S and C are to close, and my fingers are like "aaargh"

[amit133]

So InPlayerText I don;t need to put this?
cuz in wiki samp theri example are in OnPlayerText

[iJumbo]

If you send a query with the player text yea you do