SQL INJection
#3

I asked you if I have to escape all the strings, for example this:

HTML Code:
// builds the input dialog whose answer ends up in inputtext
format(str, sizeof(str), "Car Color ID 1?", price);
ShowPlayerDialog(playerid, 14511, DIALOG_STYLE_INPUT, "Paint Car", str, "Yes", "No");
and dialogid
HTML Code:
if(dialogid == 14511)
{
    if(response)
    {
        if(!isnull(inputtext))
        {
            new points = strval(inputtext); // inputtext is converted to an integer here
            new str[128];
            if(points >= 0)
            {
                col1[playerid] = points;
                mysql_real_escape_string(col1[playerid], col1[playerid]); // called on an integer cell, not on a string
                format(saveQuery, sizeof(saveQuery), "UPDATE playeraccounts SET playerCarColour1 = '%d' WHERE playerID = '%d'", col1[playerid], PlayerData[playerid][pInternalID]);
                mysql_tquery(handle, saveQuery);
            }
        }
    }
}
Must it be escaped?


Do you mean that I can use %e like

HTML Code:
format(saveQuery, sizeof(saveQuery), "UPDATE playeraccounts SET playerCarKM = '%e' WHERE playerID = '%d'", PlayerData[playerid][pCarKM], PlayerData[playerid][pInternalID]);
mysql_tquery(handle, saveQuery);
instead of %d, %f (float) or any other type?


Please give me an example.
PS: I searched for INPUTTEXT in the entire GM and all the strings are escaped. How can I see where the problem is?
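The following is an added example for the question above; it is not code from the thread or from the MySQL plugin. It assumes the BlueG MySQL plugin R39-3 include (a_mysql, where mysql_format exists and mysql_real_escape_string takes source, destination and handle), the post's `handle`, `PlayerData[][pInternalID]` and dialog id 14511, and a hypothetical extra text column `playerCarPlate` to show the string case. The point it demonstrates: a value that goes through `strval` and `%d` carries no quotes into the query and needs no escaping, while a raw string from `inputtext` must be escaped, either with `%e` in `mysql_format` (plain `format` does not know `%e`) or with `mysql_real_escape_string` into a separate, larger buffer before `%s`.

```pawn
// Added example (not from the thread): when SA-MP dialog input needs escaping.
// Assumes BlueG MySQL plugin R39-3 (a_mysql) and the post's globals.
#include <a_samp>
#include <a_mysql>

#if !defined isnull
    #define isnull(%1) ((!(%1[0])) || (((%1[0]) == '\1') && (!(%1[1]))))
#endif

new handle;                                  // connection handle, opened elsewhere (assumed)
enum E_PLAYER_DATA { pInternalID }
new PlayerData[MAX_PLAYERS][E_PLAYER_DATA];  // mirrors the post's PlayerData (assumed)

// Integer input: strval() turns "12' OR 1=1 -- " into 12, so only digits can
// reach the query and %d needs no escaping. Range-check instead (SA-MP colour IDs are 0..255).
SaveCarColour(playerid, const inputtext[])
{
    new points = strval(inputtext);
    if (points < 0 || points > 255)
        return 0;

    new query[128];
    format(query, sizeof(query),
        "UPDATE playeraccounts SET playerCarColour1 = %d WHERE playerID = %d",
        points, PlayerData[playerid][pInternalID]);
    mysql_tquery(handle, query);
    return 1;
}

// String input (hypothetical playerCarPlate column): the text itself is spliced
// into SQL, so it must be escaped. Never do this:
//   format(query, sizeof(query), "... SET playerCarPlate = '%s' ...", inputtext, ...);
// because inputtext = "x', playerCarColour1 = 0 WHERE playerID = '1" rewrites the query.
SaveCarPlate(playerid, const inputtext[])
{
    new query[512];

    // Option A: mysql_format escapes %e arguments; the SA-MP native format() has no %e.
    mysql_format(handle, query, sizeof(query),
        "UPDATE playeraccounts SET playerCarPlate = '%e' WHERE playerID = %d",
        inputtext, PlayerData[playerid][pInternalID]);
    mysql_tquery(handle, query);

    // Option B: escape into a separate buffer, then use %s. Escaping can double
    // the length (every ' " \ etc. gains a backslash), so the destination must be
    // at least 2 * strlen(source) + 1; inputtext is at most 128 chars in SA-MP dialogs.
    new escaped[2 * 128 + 1];
    mysql_real_escape_string(inputtext, escaped, handle);
    format(query, sizeof(query),
        "UPDATE playeraccounts SET playerCarPlate = '%s' WHERE playerID = %d",
        escaped, PlayerData[playerid][pInternalID]);
    mysql_tquery(handle, query);
    return 1;
}

public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[])
{
    if (dialogid == 14511 && response && !isnull(inputtext))
        return SaveCarColour(playerid, inputtext);
    return 0;
}
```

Either option A or option B is enough on its own; both are shown so the two APIs can be compared. Escaping a string in place into the same buffer it came from, as the post does, is not safe even for a real string, because the escaped result can be longer than the input.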


Messages In This Thread
SQL INJection - by Nin9r - 03.06.2016, 22:58
Re: SQL INJection - by SickAttack - 03.06.2016, 23:04
Re: SQL INJection - by Nin9r - 05.06.2016, 09:53
Re: SQL INJection - by Spmn - 05.06.2016, 10:46
Re: SQL INJection - by Konstantinos - 05.06.2016, 10:54
Re: SQL INJection - by Nin9r - 05.06.2016, 11:10
Re: SQL INJection - by Konstantinos - 05.06.2016, 11:19
Re: SQL INJection - by Nin9r - 05.06.2016, 11:22
Re: SQL INJection - by Noris - 05.06.2016, 15:09
Re: SQL INJection - by Nin9r - 05.06.2016, 15:24
