1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help
  4. Help Archive

Linear Mode
[INFO] MySQL Injection
Toni
High-roller
*****
Posts: 1,464
Threads: 90
Joined: Aug 2009
Reputation: 0
#7

10.07.2011, 00:44
Quote:
Originally Posted by Blacklite
View Post
Not unless you had code like this:

pawn Code:
public OnPlayerConnect(playerid)
{
    new pName[MAX_PLAYER_NAME];
    GetPlayerName(playerid, pName, MAX_PLAYER_NAME);
    mysql_query(pName);
}
And even then, people can't use spaces in their usernames in SA:MP.

The main thing to be watching out for is things like house names, where you have the user entering string data into the database.
Ah I see, my mistake. Now I know how would be able query stuff!
Find
Reply
« Next Oldest | Next Newest »


Messages In This Thread
[INFO] MySQL Injection - by Blacklite - 02.03.2010, 02:46
Re: [INFO] MySQL Injection - by Jochemd - 06.07.2011, 09:32
Re: [INFO] MySQL Injection - by [HiC]TheKiller - 06.07.2011, 10:18
Re: [INFO] MySQL Injection - by Blacklite - 09.07.2011, 00:44
Re: [INFO] MySQL Injection - by Toni - 09.07.2011, 02:50
Re: [INFO] MySQL Injection - by Blacklite - 09.07.2011, 03:20
Re: [INFO] MySQL Injection - by Toni - 10.07.2011, 00:44
Re: [INFO] MySQL Injection - by Hal - 10.07.2011, 03:42

Forum Jump:


Users browsing this thread: 2 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help
  4. Help Archive