[Chump]

Quote:

Originally Posted by AmigaBlizzard Players could choose to enter "; DROP TABLE accounts;" as their name, it would wipe your database upon logging in. It's not a regular name you would see everyday, but it does the trick in messing up your server.

Good point, but SA-MP doesn't allow spaces, semi-colons, or singular quotes in player names, making it impossible for SQL injection to happen from that alone. Only alphanumerical characters and certain symbols ([ ], ( ), =, @, _, etc.) are allowed. Everything else inputted by players should be escaped though.