Small SQL problem
#1

Alright so there are no errors or nothing, but it won't insert the `AgeStarted`.

PHP code:
mysql_format(mysql, query, sizeof(query), "INSERT INTO `players` (`Username`, `Password`, `IP`, `Admin`, `VIPLevel`,`CharactersCreated`,`AgeStarted`) VALUES ('%e', '%s', '%s',0,0,0,'%i')", Name[playerid], AccInfo[playerid][Password], IP[playerid],gettime());

mysql_tquery(mysql, query, "OnAccountRegister", "i", playerid);
#2

Code:
mysql_format(mysql, query, sizeof(query), "INSERT INTO `players` (`Username`, `Password`, `IP`, `Admin`, `VIPLevel`,`CharactersCreated`,`AgeStarted`) VALUES ('%s', '%s', '%s',0,0,0,%d)", Name[playerid], AccInfo[playerid][Password], IP[playerid],gettime());             
mysql_tquery(mysql, query, "OnAccountRegister", "i", playerid);
Try that instead.
Please rep me if it helps
#3

Don't use "%s" for a player's name, always use %e to prevent mysql injections.
If a player would enter a name like
PHP code:
";DROP TABLE players;" 
, your database is gone without warning if you use %s for user-inputted text.

As for the problem, %i or %d would be fine as Harrison said, without the ' around it.
You only need to use a value between ' when it's a string.
#4

Quote:
Originally Posted by AmigaBlizzard
Don't use "%s" for a player's name, always use %e to prevent mysql injections.
If a player would enter a name like
PHP code:
";DROP TABLE players;" 
, your database is gone without warning if you use %s for user-inputted text.

As for the problem, %i or %d would be fine as Harrison said, without the ' around it.
You only need to use a value between ' when it's a string.
Assumed he would've escaped the string beforehand.
I like to do that just to be sure
#5

Yeah.. figured this one on my own before I responded haha, but still thanks + rep
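What posts #3 and #4 discuss, as an added example that is not part of any post in the thread: a Python emulation (not the MySQL plugin's own code) of the `%s`, `%e` and `%d` specifiers, applied to a shortened form of the INSERT with a constructed name that contains an apostrophe. The helper names and sample values are assumptions made for the illustration; it also covers a name that was escaped beforehand and then passed through `%e` again.

```python
import re

# Constructed emulation of the %s / %e / %d specifiers; not the MySQL plugin's code.
_ESC = {"\0": "\\0", "\n": "\\n", "\r": "\\r", "\\": "\\\\",
        "'": "\\'", '"': '\\"', "\x1a": "\\Z"}
_UNESC = {seq[1]: ch for ch, seq in _ESC.items()}
_LITERAL = re.compile(r"'((?:[^'\\]|\\.|'')*)'", re.S)
# Shortened form of the thread's INSERT; {} takes the specifier under test.
QUERY = "INSERT INTO `players` (`Username`, `AgeStarted`) VALUES ('{}', %d)"

def escape(value):
    """Backslash-escape the characters mysql_real_escape_string() escapes."""
    return "".join(_ESC.get(ch, ch) for ch in value)

def render(fmt, *args):
    """Expand %s (raw text), %e (escaped text) and %d/%i (integer)."""
    values = iter(args)
    def expand(match):
        spec, arg = match.group(1), next(values)
        if spec == "e":
            return escape(arg)
        return str(int(arg)) if spec in "di" else arg
    return re.sub(r"%([sedi])", expand, fmt)

def string_literals(sql):
    """Decode each '...' literal roughly as MySQL's default SQL mode reads it."""
    if "'" in _LITERAL.sub("", sql):
        raise ValueError("a quote is left outside any complete string literal")
    def decode(match):
        ch = match.group(1)
        return "'" if ch is None else _UNESC.get(ch, ch)
    return [re.sub(r"\\(.)|''", decode, body, flags=re.S)
            for body in _LITERAL.findall(sql)]

def stored_name(spec, name, started=1700000000):
    """Username the server would store, or None if the value escapes its literal."""
    try:
        literals = string_literals(render(QUERY.format(spec), name, started))
    except ValueError:
        return None
    return literals[0] if len(literals) == 1 else None

if __name__ == "__main__":
    name = "O'Brien"  # constructed input: an ordinary name with an apostrophe
    print(render(QUERY.format("%s"), name, 1700000000))
    print(stored_name("%s", name))          # raw text breaks out of the literal
    print(stored_name("%e", name))          # escaped once: stored as typed
    print(stored_name("%e", escape(name)))  # escaped twice: backslash is stored
```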