Scripting/Squirrel/Functions/mysql escape string: Difference between revisions

This wiki is using an old backup from 2020

Some information may be old/missing

Revision as of 18:23, 30 January 2017

Escapes a query string to avoid sql injection attacks. This function should be used for every executed query that uses any data given by the players.

Syntax

mysql_escape_string( MySQLConnection handler, string query )

Arguments

MySQLConnection handler - A valid MySQL link/handler
String query - The string to escape

Return value

The escaped string.

Example

function onPlayerJoin( player )
{
   local pName = mysql_escape_string( handler, player.Name );
   local q = mysql_query( handler, "SELECT * FROM Accounts WHERE Name='" + pName + "'" );
   //Do stuff here
}

Related Functions

Template:Scripting/Squirrel/Functions/Mysql

@@ Line 18: / Line 18: @@
    //Do stuff here
 }</pre>
+== Related Functions ==
+{{Scripting/Squirrel/Functions/Mysql}}
+[[Category:Scripting/Squirrel/Functions/Mysql_Functions]]

Scripting/Squirrel/Functions/mysql escape string: Difference between revisions

Revision as of 18:23, 30 January 2017

Contents

Syntax

Arguments

Return value

Example

Related Functions

Navigation menu

Scripting/Squirrel/Functions/mysql escape string: Difference between revisions

Revision as of 18:23, 30 January 2017

Syntax

Arguments

Return value

Example

Related Functions

Navigation menu

Search