1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Filterscripts

Linear Mode
[FilterScript] Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta]
Misiur
High-roller
*****
Posts: 2,528
Threads: 124
Joined: Jul 2009
Reputation: 0
#18

24.02.2014, 19:51
Code:
mysql_format(dbHandle, medquery, sizeof medquery, "SELECT * FROM playerobjects \
                JOIN objects ON playerobjects.O_ObjectID = objects.ID WHERE playerobjects.PlayerObjectStatus = 3 OR playerobjects.PlayerObjectStatus = 4");
If query doesn't contain a single parameter, you can simply pass it to mysql_query. Think of format + SendClientMessage (just with additional %e).

Code:
mysql_format(dbHandle, query, sizeof query, "SELECT * FROM objects WHERE Name LIKE('%%%e%%') LIMIT 0,1",Obj);
You might consider additional escaping of Obj string, prefixing LIKE wildcards % and _ with backslash.

/remaction is vunerable to sqli
Quote:

/remaction a' or '1'='1
results in
Quote:

DELETE FROM actions WHERE Action = 'a' or '1'='1'
Code:
if(sscanf(params,"s[32]", id))
Using sscanf to fetch single string is unnecessary, use
Code:
if(isnull(params))
Then params instead id.

Default JOIN is INNER JOIN in mysql engine. Please specify type of join you want, because in most cases it should be LEFT JOIN.

Overall nice system, I like it.

P.S. I hate you forever and ever for raven's rp.
Find
Reply
« Next Oldest | Next Newest »


Messages In This Thread
Advanced Inventory/Object Management Script (New Version!) [SQL;Dynamic] - by CuervO - 24.02.2014, 13:51
Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by DarkZeroX - 24.02.2014, 13:56
Respuesta: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by CuervO - 24.02.2014, 13:58
Re : Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by anou1 - 24.02.2014, 14:06
Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by DoKAtemar - 24.02.2014, 14:19
Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by DarkZeroX - 24.02.2014, 14:22
Respuesta: Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by CuervO - 24.02.2014, 14:23
Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by PT - 24.02.2014, 14:42
Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by iBots - 24.02.2014, 15:00
Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by Pottus - 24.02.2014, 15:00
Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by theomanking - 24.02.2014, 16:04
Respuesta: Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by CuervO - 24.02.2014, 16:11
Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by Naruto_Emilio - 24.02.2014, 16:36
Respuesta: Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by CuervO - 24.02.2014, 16:38
Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by Pottus - 24.02.2014, 17:08
Re : Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by samp_boy - 24.02.2014, 17:13
Respuesta: Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by CuervO - 24.02.2014, 17:20
Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by Misiur - 24.02.2014, 19:51
Respuesta: Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by CuervO - 24.02.2014, 20:16
Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by iBots - 24.02.2014, 20:19
Respuesta: Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by CuervO - 12.03.2015, 01:54
AW: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by Madretsma - 12.03.2015, 02:13
Respuesta: AW: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by CuervO - 12.03.2015, 02:31
AW: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by Madretsma - 12.03.2015, 04:07
Re: Respuesta: AW: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by StarPeens - 12.03.2015, 04:09
Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by Sanady - 12.03.2015, 06:11
Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by Patrik356b - 12.03.2015, 17:57
Respuesta: Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by CuervO - 13.03.2015, 14:58
Re: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by Excel™ - 16.03.2015, 15:28
Respuesta: Advanced Inventory/Object Managament Script (DayZ Themed) [SQL;Dynamic;Beta] - by CuervO - 18.03.2015, 17:05

Forum Jump:


Users browsing this thread: 1 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Filterscripts