[DobbysGamertag]

Quote:

Originally Posted by MP2 Looks like SQL injection. Print out the entire query. Make sure you escape the input string (mysql_real_escape_string() IIRC).

Yus

pawn Код:

new safestring[129] //129 is max input right? o_O

mysql_real_escape_string(inputtext,safestring);

Then the query becomes:

pawn Код:

new query[124];
format(query,sizeof(query),"UPDATE `accounts` SET `Admin`='%d' WHERE `name`='%s'",safestring,Name[playerid]);
mysql_query(query);

That's how i do it anyway. Been able to avoid it so far. Add a mysql_real_escape_string on each UPDATE /INSERT query (dialogs, OnPlayerText() etc).