
'These characters are not allowed' when I set a clan tag - GM BigZone


Question

Posted

Hi, maybe many of you know antisqlinjection; well, I have it too in this GM.

The problem is that when I want to set a clan tag that contains [ ] . etc., it tells me 'The characters are not allowed'.

I also posted this problem in a FB group and was told to delete the '#' from the clan dialogs, but I didn't see any #, or maybe it's done differently/somewhere else, or maybe I'm not looking properly...

For the code etc., leave a reply.

8 answers to this question


  • 0
Posted

Well then, now at least follow the posting rules yourself and then you'll get results too!

FiveGame  Lands

Pawno Developer, Mapping , Scripter

Since 2016

  • 0
Posted
Quote

    // Clan name dialog: check the length, escape the input, store it and save it to the database.
    if(dialogid == DIALOG_CHOOSECLANNAME)
    {
        if(response)
        {
            if(strlen(inputtext) >= 3 && strlen(inputtext) <= 20)
            {
                new clanname[25],strings[128];
                mysql_real_escape_string(inputtext, clanname);
                strcpy(ClanInfo[PlayerInfo[playerid][pClan]][cClanName], clanname, sizeof(clanname));
                mysql_format(SQL, string, sizeof(string), "UPDATE clans SET `clanName`='%s' WHERE `clanID`='%d'", clanname, PlayerInfo[playerid][pClan]);
                mysql_tquery(SQL,string,"","");
                format(strings, sizeof(strings), "Clan name: %s.", clanname);
                SendClientMessage(playerid, COLOR_GENANNOUNCE, strings);
                ShowPlayerDialog(playerid, DIALOG_CHOOSECLANTAG, DIALOG_STYLE_INPUT, "Clan tag", "Insert clan tag in the box below:\n(You can't change it after that!)", "Ok", "");
            }
            else
            {
                ShowPlayerDialog(playerid, DIALOG_CHOOSECLANNAME, DIALOG_STYLE_INPUT, "Clan name", "Insert clan name in the box below:\nMinimum 3 characters and maximum 20 characters.\n(You can't change it after that!)", "Ok", "");
                return 1;
            }
        }
    }
    // Clan tag dialog: same steps for the tag, then reload all clans from the database.
    if(dialogid == DIALOG_CHOOSECLANTAG)
    {
        if(response)
        {
            if(strlen(inputtext) >= 2 && strlen(inputtext) <= 15)
            {
                new clanname[25],strings[256];
                mysql_real_escape_string(inputtext, clanname);
                strcpy(ClanInfo[PlayerInfo[playerid][pClan]][cClanTag], clanname, sizeof(clanname));
                mysql_format(SQL, strings, sizeof(strings), "UPDATE clans SET `clanTag`='%s' WHERE `clanID`='%d'", clanname, PlayerInfo[playerid][pClan]);
                mysql_tquery(SQL,strings,"","");
                format(strings, sizeof(strings), "Clan tag: %s.", clanname);
                SendClientMessage(playerid, COLOR_GENANNOUNCE, strings);
                mysql_format(SQL, strings, sizeof(strings), "SELECT * FROM `clans`");
                mysql_tquery(SQL, strings, "LoadClanInfo", "");
            }
            else
            {
                ShowPlayerDialog(playerid, DIALOG_CHOOSECLANTAG, DIALOG_STYLE_INPUT, "Clan tag", "Insert clan tag in the box below:\nMinimum 2 characters and maximum 15 characters.\n(You can't change it after that!)", "Ok", "");
                return 1;
            }
        }
    }

This is what runs when I use /shop - Create Clan.

  • 0
Posted
11 minutes ago, WopsS said:

I don't see where it shows you the message you mentioned.

It has that anti-SQL protection, or whatever it was called, the one for when you put % or something else in a dialog and the server crashed.

  • 0
Posted (edited)

Or you can escape all the input strings sent to the database, and then you don't need that antisqlinjection. How do you escape? By using the mysql_real_escape_string function (older version of mysql), or %e instead of %s in mysql_format.

Edited by Banditul
  • 0
Posted
Quote

    // Reject the input if it contains any entry of the antisqlinjection list.
    for(new i; i < sizeof(antisqlinjection); i++)
    {
        if(strfind(inputtext, antisqlinjection[i], true) != -1)
        {
            SCM(playerid, -1, "Nu sunt permise asemenea caractere.");
            return 1;
        }
    }

This is for everything; it's not something specific to the clan system...

 

21 hours ago, Banditul said:

Or you can escape all the input strings sent to the database, and then you don't need that antisqlinjection. How do you escape? By using the mysql_real_escape_string function (older version of mysql), or %e instead of %s in mysql_format.

I have version R38, but the problem is that I'm not very good with MySQL..
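
An added example (not code from the thread or from the gamemode) of the escaping approach Banditul describes, applied to the clan tag: `%e` in `mysql_format` covers the SQL side, so the tag check can be an allow-list that accepts `[`, `]` and `.`. The helper names `IsValidClanTag` and `SaveClanTag`, the allowed symbol set and the standalone `SQL` declaration are assumptions; the table and column names come from the code posted above.

```pawn
#include <a_samp>
#include <a_mysql> // BlueG MySQL plugin; R38 provides mysql_format and mysql_tquery

#define MIN_TAG_LEN 2
#define MAX_TAG_LEN 15

// Assumption: the gamemode already holds its connection handle in SQL;
// it is declared here only so the example stands alone.
new SQL;

// Hypothetical helper: allow-list of characters a clan tag may contain.
// This is a naming rule for the game, not the SQL injection defence.
stock bool:IsValidClanTag(const tag[])
{
    new len = strlen(tag);
    if(len < MIN_TAG_LEN || len > MAX_TAG_LEN) return false;
    for(new i = 0; i < len; i++)
    {
        switch(tag[i])
        {
            // Letters, digits and the symbols players use in tags, e.g. "[ABC]".
            case 'a' .. 'z', 'A' .. 'Z', '0' .. '9', '[', ']', '.', '-', '_': {}
            default: return false;
        }
    }
    return true;
}

// Hypothetical helper: stores the tag for one clan. Returns 1 if the query was sent.
stock SaveClanTag(clanid, const tag[])
{
    if(!IsValidClanTag(tag)) return 0;

    new query[128];
    // %e makes mysql_format escape the string itself, so no separate
    // mysql_real_escape_string call is needed and the copy kept in memory
    // (ClanInfo[...][cClanTag] on the page) can stay unescaped.
    mysql_format(SQL, query, sizeof(query),
        "UPDATE `clans` SET `clanTag`='%e' WHERE `clanID`='%d'", tag, clanid);
    mysql_tquery(SQL, query, "", "");
    return 1;
}
```

In the DIALOG_CHOOSECLANTAG branch this would be called as `SaveClanTag(PlayerInfo[playerid][pClan], inputtext)`, showing the dialog again when it returns 0.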

This topic is now closed to further replies.