- 0
-
Similar Content
-
- 0 replies
- 230 views
-
- 2 replies
- 166 views
-
Problema turf
By Soryn.,
- 3 answers
- 254 views
-
- 1 reply
- 177 views
-
Problema
By ImJustSlim,
- 3 answers
- 286 views
-
-
Recently Browsing 0 members
- No registered users viewing this page.
Question
wifi123
Nick:wifi123
Problema:Am schimbat numele de la baza de date sql din acounts.db in ConturiServer.db si acum , jumate din conturi au level maxim,
Erori / warnings:
Lini/script:
[pawn] BUD::Setting(opt.Database, "ConturiServer.db");
BUD::Setting(opt.Asynchronous, true);
BUD::Setting(opt.KeepAliveTime, 3000);
BUD::Setting(opt.CheckForUpdates, true);
//++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
BUD::Initialize();
//++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
BUD::VerifyColumn("APass", BUD::TYPE_STRING); BUD::VerifyColumn("IP", BUD::TYPE_STRING);
BUD::VerifyColumn("Hours", BUD::TYPE_NUMBER); BUD::VerifyColumn("Minutes", BUD::TYPE_NUMBER);
BUD::VerifyColumn("Seconds", BUD::TYPE_NUMBER); BUD::VerifyColumn("Kills", BUD::TYPE_NUMBER);
BUD::VerifyColumn("Deaths", BUD::TYPE_NUMBER); BUD::VerifyColumn("Admin", BUD::TYPE_NUMBER);
BUD::VerifyColumn("Vip", BUD::TYPE_NUMBER); BUD::VerifyColumn("Respect", BUD::TYPE_NUMBER);
BUD::VerifyColumn("NegRespect", BUD::TYPE_NUMBER); BUD::VerifyColumn("C4Bombs", BUD::TYPE_NUMBER);
BUD::VerifyColumn("Ignores", BUD::TYPE_STRING); BUD::VerifyColumn("EnMS", BUD::TYPE_NUMBER);
BUD::VerifyColumn("Banned", BUD::TYPE_NUMBER); BUD::VerifyColumn("Coins", BUD::TYPE_NUMBER);
BUD::VerifyColumn("Score", BUD::TYPE_NUMBER); BUD::VerifyColumn("WifThings", BUD::TYPE_STRING);
BUD::VerifyColumn("SPoints", BUD::TYPE_NUMBER); BUD::VerifyColumn("UseFavSkin", BUD::TYPE_STRING);
BUD::VerifyColumn("AutoLog", BUD::TYPE_NUMBER); BUD::VerifyColumn("Money", BUD::TYPE_NUMBER);
BUD::VerifyColumn("DescriptLines", BUD::TYPE_STRING); BUD::VerifyColumn("PMStyle", BUD::TYPE_NUMBER);
BUD::VerifyColumn("RaceP", BUD::TYPE_NUMBER); BUD::VerifyColumn("KillingSpree", BUD::TYPE_NUMBER);
BUD::VerifyColumn("AdmVipWarns", BUD::TYPE_STRING); BUD::VerifyColumn("DriftP", BUD::TYPE_NUMBER);
BUD::VerifyColumn("LasONLoggedIn", BUD::TYPE_STRING); BUD::VerifyColumn("HObject0", BUD::TYPE_STRING);
BUD::VerifyColumn("HObject1", BUD::TYPE_STRING); BUD::VerifyColumn("HObject2", BUD::TYPE_STRING);
BUD::VerifyColumn("HObject3", BUD::TYPE_STRING); BUD::VerifyColumn("HObject4", BUD::TYPE_STRING);
BUD::VerifyColumn("HObject5", BUD::TYPE_STRING); BUD::VerifyColumn("HObject6", BUD::TYPE_STRING);
BUD::VerifyColumn("HObject7", BUD::TYPE_STRING); BUD::VerifyColumn("HObject8", BUD::TYPE_STRING);
BUD::VerifyColumn("HObject9", BUD::TYPE_STRING); BUD::VerifyColumn("UseHolds", BUD::TYPE_NUMBER);[/pawn]
[pawn]stock ShowTop(playerid, stats[], what[], limit = MAX_TOP_LIMIT)
{
//--------------------------------------------------------------------------
new Speed = GetTickCount(), DialString[3_000], String[2][128],
Query[2][256], DBResult:Result1, DB:g_dbKeptAlive, what2[30];
g_dbKeptAlive = db_open("ConturiServer.db");
//--------------------------------------------------------------------------
format(Query[0], 256, "SELECT `name` FROM `users` ORDER BY `%s` *1 DESC limit %d", stats, limit);
Result1 = db_query(g_dbKeptAlive, Query[0]);
//--------------------------------------------------------------------------
if(!strcmp(what, "Score")) what2 = "Score";
else if(!strcmp(what, "Coins")) what2 = "Coins";
else if(!strcmp(what, "Hours")) what2 = "Hours";
else if(!strcmp(what, "Respect")) what2 = "Respect";
else if(!strcmp(what, "Kills")) what2 = "Kills";
else if(!strcmp(what, "SPoints")) what2 = "Stunt Points";
else if(!strcmp(what, "RaceP")) what2 = "Race Points";
else if(!strcmp(what, "DriftP")) what2 = "Drift Points";
else if(!strcmp(what, "KillingSpree")) what2 = "Best Killing Spree";
//--------------------------------------------------------------------------
format(DialString, sizeof DialString, "{FF9900}Top Players by {11FF00}%s\n", what2);
for(new Qr; Qr < db_num_rows(Result1); Qr++)
{
db_get_field(Result1, 0, String[0], 128);
format(Query[1], 256, "SELECT `%s` FROM `users` WHERE `Name` = '%s'", stats, String[0]);
new DBResult:Result2 = db_query(g_dbKeptAlive, Query[1]);
db_get_field(Result2, 0, String[1], 128);
//----------------------------------------------------------------------
if(!strcmp(stats, "Score")) format(DialString, sizeof DialString,
"%s\n{AFAFAF}%d. {11FF00}%s {AFAFAF}Score: {00BBF6}%s", DialString, Qr+1, String[0], String[1]/*FormatNumber(strval(String[1]))*/ );
//----------------------------------------------------------------------
else if(!strcmp(stats, "Coins")) format(DialString, sizeof DialString,
"%s\n{AFAFAF}%d. {11FF00}%s {AFAFAF}Coins: {00BBF6}%s", DialString, Qr+1, String[0], String[1]/*FormatNumber(strval(String[1]))*/);
//----------------------------------------------------------------------
else if(!strcmp(stats, "SPoints")) format(DialString, sizeof DialString,
"%s\n{AFAFAF}%d. {11FF00}%s {AFAFAF}Stunt Points: {00BBF6}%s", DialString, Qr+1, String[0], String[1]/*FormatNumber(strval(String[1]))*/);
//----------------------------------------------------------------------
else if(!strcmp(stats, "Hours")) format(DialString, sizeof DialString,
"%s\n{AFAFAF}%d. {11FF00}%s {AFAFAF}Hours: {00BBF6}%s", DialString, Qr+1, String[0], String[1]/*FormatNumber(strval(String[1]))*/);
//----------------------------------------------------------------------
else if(!strcmp(stats, "Kills")) format(DialString, sizeof DialString,
"%s\n{AFAFAF}%d. {11FF00}%s {AFAFAF}Kills: {00BBF6}%s", DialString, Qr+1, String[0], String[1]/*FormatNumber(strval(String[1]))*/);
//----------------------------------------------------------------------
else if(!strcmp(stats, "Respect")) format(DialString, sizeof DialString,
"%s\n{AFAFAF}%d. {11FF00}%s {AFAFAF}Respect: {00BBF6}%s", DialString, Qr+1, String[0], String[1]/*FormatNumber(strval(String[1]))*/);
//----------------------------------------------------------------------
else if(!strcmp(stats, "RaceP")) format(DialString, sizeof DialString,
"%s\n{AFAFAF}%d. {11FF00}%s {AFAFAF}Race Points: {00BBF6}%s", DialString, Qr+1, String[0], String[1]/*FormatNumber(strval(String[1]))*/);
//----------------------------------------------------------------------
else if(!strcmp(stats, "DriftP")) format(DialString, sizeof DialString,
"%s\n{AFAFAF}%d. {11FF00}%s {AFAFAF}Drift Points: {00BBF6}%s", DialString, Qr+1, String[0], String[1]/*FormatNumber(strval(String[1]))*/);
//----------------------------------------------------------------------
else if(!strcmp(stats, "KillingSpree")) format(DialString, sizeof DialString,
"%s\n{AFAFAF}%d. {11FF00}%s {AFAFAF}Best Killing Spree: {00BBF6}%s", DialString, Qr+1, String[0], String[1]/*FormatNumber(strval(String[1]))*/);
//----------------------------------------------------------------------
db_next_row(Result1);
db_free_result(Result2);
}
db_free_result(Result1);
db_close(g_dbKeptAlive);
format(DialString, sizeof DialString, "%s\n\n{FF9900}Top list generated in {11FF00}%d{FF9900} ms.", DialString, GetTickCount() - Speed);
ShowPlayerDialog( playerid, 123, DIALOG_STYLE_MSGBOX, "{0066CC}W{FFFF00}I{FF0000}F{AFAFAF} - Top Players", DialString, "Ok", "");
return 1;
}[/pawn]
Ai incercat sa rezolvi singur ?:Da , am schimbat numele la baza de date ca sa scap de cineva care imi tot dadea sql injection si am schimbat numele crezand ca nu o sa imi mai de-a sql inject daca nu stia numele de la baza dar fara folos , stiu ca baza de date sql este foarte veche si ca nu se mai foloseste dar nu stiu cum sa trec pe mysql , am vazut ca in gm am linii cu mysql dar sunt inchise cu /* */
Link to comment
Share on other sites
1 answer to this question
Recommended Posts