HELP - saving name in database
#1

Hello,
I use MySQL and I'm trying to make a business system. I have a little problem - I can't save the player's name into the business info "Owner"... here is everything:

This is when player clicks buy:
Code:
new query[100];
mysql_format(mysql, query, sizeof(query), "SELECT * FROM `shop` WHERE `ID` = %d", Player[playerid][Entering]);
mysql_tquery(mysql, query, "OnShopBuy", "i", playerid);
And here is the OnShopBuy function:
Code:
public OnShopBuy(playerid)
{
	new cijena;
	cijena = cache_get_field_content_int(0, "Cijena");
	if(GetPlayerMoney(playerid) < cijena) return SendClientMessage(playerid, -1, ""COL_RED"[Greška] "COL_WHITE"Nemate dovoljno novaca");
	if(Player[playerid][Firma] > 0) return SendClientMessage(playerid, -1, ""COL_RED"[Greška]"COL_WHITE" Vec imate firmu!");
	GivePlayerMoney(playerid, -cijena);
	Player[playerid][Firma] = cache_get_field_content_int(0, "ID");
	indialog[playerid] = 0;
	new query[128], name[24];
	GetPlayerName(playerid, name, sizeof(name));
	mysql_format(mysql, query, sizeof(query), "UPDATE `shop` SET `Owner` = %s WHERE `ID` = %d", name, Player[playerid][Firma]);
	mysql_tquery(mysql, query, "", "");
	return 1;
}
It works until the last 2 lines (saving the owner's name).
Reply
#2

Try it:

PHP code:
UPDATE `shop` SET `Owner` = %s WHERE `ID` = %d
to

PHP code:
UPDATE `shop` SET `Owner` = '%s' WHERE `ID` = '%d'
PHP code:
SELECT * FROM `shop` WHERE `ID` = %d
to

PHP code:
SELECT * FROM `shop` WHERE `ID` = '%d'
Reply
#3

You don't need the '' quotes around integers, only strings. Also, "SELECT * FROM `shop` WHERE `ID` = %d". Why are you selecting everything from the shop when you only have to update the "owner" field? That is not secure at all if someone was to SQL Inject.
Reply
#4

Thank you my friend x)
I have one more question about updating information. Every time someone buys something I want to add some money to the shop "account". I tried with this, but it doesn't work. I want to know if it is possible to do that without loading the information, because it would be A LOT of work...
Code:
"UPDATE `shop` SET `Money` += '100' WHERE `ID` = '%d'"
Reply
#5

You make a variable in the business enums. "Money"? When someone purchases something BizInfo[businessid][Money] += amount;

From here you then "Update .. SET Money = %d", BizInfo[businessid][Money]);" - Example.
Reply
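The quoted owner update from posts #2 and #3 and the shop money increment asked about in posts #4 and #5, as an added example that is not code from any poster in this thread. It assumes a MySQL plugin build that supports the `%e` escape specifier and `cache_affected_rows`, and the connection handle `mysql` from post #1; `SetShopOwner`, `AddShopMoney` and `OnShopOwnerSaved` are hypothetical names.

```pawn
// Added example: not code posted by anyone in this thread.
// Assumes the connection handle `mysql` from post #1. SetShopOwner,
// AddShopMoney and OnShopOwnerSaved are hypothetical names.
forward OnShopOwnerSaved(playerid, shopid);

stock SetShopOwner(playerid, shopid)
{
	new query[128], name[MAX_PLAYER_NAME];
	GetPlayerName(playerid, name, sizeof(name));

	// A string value has to be a quoted literal. Unquoted, MySQL reads the
	// name as an identifier and rejects the statement.
	// %e escapes the string before it is placed between the quotes, so a
	// value containing ' or \ cannot end the literal early.
	mysql_format(mysql, query, sizeof(query),
		"UPDATE `shop` SET `Owner` = '%e' WHERE `ID` = %d", name, shopid);
	mysql_tquery(mysql, query, "OnShopOwnerSaved", "ii", playerid, shopid);
	return 1;
}

public OnShopOwnerSaved(playerid, shopid)
{
	// Zero affected rows: no row has this ID, or Owner already held this name.
	if(cache_affected_rows() == 0)
		printf("[shop] owner update changed no row (shop %d, player %d)", shopid, playerid);
	return 1;
}

stock AddShopMoney(shopid, amount)
{
	new query[96];
	// MySQL has no += in SET. Adding inside the statement lets the server
	// do the increment, so no prior SELECT of the current balance is needed.
	mysql_format(mysql, query, sizeof(query),
		"UPDATE `shop` SET `Money` = `Money` + %d WHERE `ID` = %d", amount, shopid);
	mysql_tquery(mysql, query, "", "");
	return 1;
}
```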
#6

I don't use enums for business... Should I use them for everything? In the database I have "ID, interior, x,y,z, enterx,entery,enterz,entera,owner, level, price..."... What will happen if I use this every time someone wants to enter a shop and load data from the database?
Code:
mysql_format(mysql, query, sizeof(query), "SELECT * FROM `shop` WHERE `ID` = %d", Player[playerid][Entering]);
mysql_tquery(mysql, query, "OnShopEnter", "i", playerid);
Reply
#7

You don't use enums? Are you sure?

1) Lag. Think about it. If you had 100 users all run into a shop, that will most /likely/ lag like a motherfucker.
2) Security. This is a massive security flaw. If someone was to SQL Inject your database, you've lost everything. And it is possible through SA:MP.
Reply
#8

How should I define that?
Like this?
Code:
new BizzInfo[20][infos];
20 = number of shops

And how can I load only "Owner" (the thing you were saying before...)? And does anything change with that?
Reply
#9

These are (enum)urators.

As for just loading one value.
When they enter a business(/enter) loop through the businesses, IsInBusiness[playerid] = i; - i being the business ID. From here:
SELECT Owner FROM business WHERE BusinessID = %d, IsInBusiness[playerid]);
Reply

