24.06.2013, 09:37
mysql_real_escape_string is a function for avoid SQL injection http://it.wikipedia.org/wiki/SQL_injection
You have to use it when a player input a text directly to a query
EXAMPLE:
You have to use it when a player input a text directly to a query
EXAMPLE:
pawn Code:
new escapedtext[128];
mysql_real_escape_string(inputfromplayer, escapedtext);
myquerywithformat("INSERT INTO something (yea) VALUES('%s')",escapedtext);