1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help

Threaded Mode
SQL inject
toi
Big Clucker
***
Posts: 183
Threads: 48
Joined: Oct 2011
Reputation: 0
#1

02.09.2012, 15:45
how to protect my server against mysql inject. I put that string and under what calback
Tank
Find
Reply
toi
Big Clucker
***
Posts: 183
Threads: 48
Joined: Oct 2011
Reputation: 0
#2

04.09.2012, 08:57
up please
Find
Reply
doreto
High-roller
*****
Posts: 1,676
Threads: 44
Joined: Aug 2010
Reputation: 0
#3

04.09.2012, 09:04
https://sampwiki.blast.hk/wiki/MySQL#mys..._escape_string check it
Find
Reply
sgtjones12
Big Clucker
***
Posts: 107
Threads: 13
Joined: Apr 2012
Reputation: 0
#4

04.09.2012, 09:11
I didnt know SA-MP servers could get sql injections wow
Find
Reply
doreto
High-roller
*****
Posts: 1,676
Threads: 44
Joined: Aug 2010
Reputation: 0
#5

04.09.2012, 09:14
Quote:
Originally Posted by sgtjones12
Посмотреть сообщение
I didnt know SA-MP servers could get sql injections wow
I dont know too but more security its not problem
Find
Reply
mamorunl
High-roller
*****
Posts: 1,938
Threads: 16
Joined: Feb 2007
Reputation: 0
#6

04.09.2012, 09:21
Quote:
Originally Posted by sgtjones12
Посмотреть сообщение
I didnt know SA-MP servers could get sql injections wow
Everything that uses input from the user is subjective to SQL Injections. In a SA:MP server you use dialogs, commands etc. Even your name can be an SQL inject command (of only 24 chars long though).

mysql_real_escape_string() is the first command that you can use and another would be something like add_slashes (PHP) to escape the special chars (' " \)
Find
Reply
« Next Oldest | Next Newest »


Forum Jump:


Users browsing this thread: 1 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help