22.10.2015, 08:27
Because every string you send into SQLs are a potential query (even when you are trying to store a string using a query), they can be manipulated to inject into your SQL, inserting data you don't want, retrieving or updating them, leading to many things, worst is losing whole data you got
It's rare in sa-mp, but still better be safe than sorry
As a role of thumb, whenever you want to save any string a player inserted ( user, pass etc.) escape them, it's not necessary to escape what you write in your own pawn code
It's rare in sa-mp, but still better be safe than sorry
As a role of thumb, whenever you want to save any string a player inserted ( user, pass etc.) escape them, it's not necessary to escape what you write in your own pawn code