Vice City: Multiplayer

Error in mysql_query wrong number of arguments
sqliteDB <- mysql_connect( "localhost", "root", "fenkyou", "notwork" );  // on scriptload

if( cmd == "saveloc" ){

sqliteDB <- mysql_query( sqliteDB, "INSERT INTO Gotoloc (Name, x, y, z, Creator)  VALUES('" + text + "', '" + player.Pos.x + "', '" + player.Pos.y + "', '" + player.Pos.z + "', '" + player.Name + "'" );

}

I type /saveloc mansion im getting error

If that error doesn't tell what's wrong then I don't know what will. But your username does tell a lot about you.

You're overwriting your database pointer. You don't want that. If it's a query that you don't care the output from (So insert/update/delete etc.) just do mysql_query without saving it anywhere.

Thanks Thijn ,  it is working now but it is not saving in database

This is my database
CREATE TABLE Gotoloc( Name VARCHAR(32), x INT, y INT, z INT, Creator VARCHAR(25) )

He already told you, if you are not taking any data from a query, you don't need to assign it variables ( specially global... ) and just execute the query like so

mysql_query( sqliteDB, "INSERT INTO Gotoloc (Name, x, y, z, Creator)  VALUES('" + escapeSQLString( text ) + "', '" + player.Pos.x + "', '" + player.Pos.y + "', '" + player.Pos.z + "', '" + player.Name + "'" );

You also didn't escape the SQL string, Get used to it or someone like finch will most probably screw your server up.

Quote from: Doom_Killer on Jul 16, 2015, 05:40 PMsomeone like finch will most probably screw your server up.

Lol, he's way too stupid for that.

FinchDon similar to FarisDon so many people on vccnr call me finch and then i need to explain them thats the reason to change my precious nick to Axel -,-

Doom Killer i already removed that
mysql_query( sqliteDB, "INSERT INTO Gotoloc (Name, x, y, z, Creator)  VALUES('" + text + "', '" + player.Pos.x + "', '" + player.Pos.y + "', '" + player.Pos.z + "', '" + player.Name + "'" );
// Ok i will use yours for security purpose

mysql_query( sqliteDB, "INSERT INTO Gotoloc (Name, x, y, z, Creator)  VALUES('" + escapeSQLString( text ) + "', '" + player.Pos.x + "', '" + player.Pos.y + "', '" + player.Pos.z + "', '" + player.Name + "'" );

now it works i did a mistake at last  + player.Name + "')"

          local q =  ::mysql_query( sqliteDB, "SELECT x, y, z, Creator FROM Gotoloc WHERE Name = '"+ escapeSQLString( text ) +"'" );

          if (mysql_num_fields(q,0) != null)
          {
                local x = mysql_num_fields(q,0), y = mysql_num_fields(q,1), z = mysql_num_fields(q,2), Creator = mysql_num_fields(q,3);
player.Pos = Vector( x, y, z );
          }
when i type /gotoloc savedloc  im going to golf area and


    mysql_query( sqliteDB, "INSERT INTO Gotoloc (Name, x, y, z, Creator)  VALUES('" + escapeSQLString( text ) + "', '" + player.Pos.x.tofloat() + "', '" + player.Pos.y.tofloat() + "', '" + player.Pos.z.tofloat() + "', '" + player.Name + "')" );    why don't float work here

Because you tell your database it's an int. If you want to save x,y and z as floats you have to tell the database you're gonna do that. So change the type of your xyz columns to floats.

Thanks XD its working but why goto loc not working
local q =  ::mysql_query( sqliteDB, "SELECT x, y, z, Creator FROM Gotoloc WHERE Name = '"+ escapeSQLString( text ) +"'" );
 
          if (mysql_num_fields(q,0) != null)
          {
                local x = mysql_num_fields(q,0).tofloat(), y = mysql_num_fields(q,1).tofloat(), z = mysql_num_fields(q,2).tofloat(), Creator = mysql_num_fields(q,3);
player.Pos = Vector( x.tofloat(), y.tofloat(), z.tofloat() );
MessagePlayer( "Syntax Error! You teleported to "+ escapeSQLString( text ) +" "+ x.tofloat" "y.tofloat()""z.tofloat()"", player );
          }

Quote from: Doom_Killer on Jul 16, 2015, 05:40 PMYou also didn't escape the SQL string

Exactly what I told you... I still know of a few servers which are vulnerable to SQL injection (in fact, every server that I have made)

You don't need to use.tofloat from the x, y, z data you get since its already float. Same goes for setting thr position, don't use .tofloat with them since they are floats.

Doom , with float and without float  when i type /gotoloc im going to gulf area no matter what loc i type i will go to gulf

Try using this one:
local q =  ::mysql_query( sqliteDB, "SELECT x, y, z, Creator FROM Gotoloc WHERE Name = '"+ escapeSQLString( text ) +"'" );
 
          if (mysql_num_fields(q,0) != null)
          {
                local x = mysql_num_fields(q,0), y = mysql_num_fields(q,1) z = mysql_num_fields(q,2), Creator = mysql_num_fields(q,3);
    player.Pos = Vector( x.tofloat(), y.tofloat(), z.tofloat() );
    MessagePlayer( "Syntax Error! You teleported to "+ escapeSQLString( text ) +" "+ x.tofloat" "y.tofloat()""z.tofloat()"", player );
          }
I dont know much about Mysql.

Same error in parameter and my player teleports to gulf

MySQL is not exactly like SQLite, there are a few differences you must see, you are using the wrong way to fetch the data resulting in errors, use this and try to learn how its done with MySQL ;)

if ( cmd == "gotoloc" )
{
        if ( !text ) MessagePlayer( "[ffffff]/gotoloc [location]", player );
        else if ( !player.IsSpawned ) MessagePlayer( "[#ffffff]You must be spawned to use this command.", player );
        else
        {         
                local q = mysql_query( sqLiteDB, "SELECT x, y, z, Creator FROM Gotoloc WHERE Name = '"+ escapeSQLString( text ) +"'" );
                if( mysql_num_rows( q ) == 1 )
                {
                        local result = ::mysql_fetch_assoc( q );
                        local x = result[ "x" ], y = result[ "y" ], z = result[ "z" ], Creator = result[ "Creator" ];
                        player.Pos = Vector( x, y, z );
                        MessagePlayer( "[#FFFFFF]Teleported to location: " + text + " Creator: " + Creator, player );
                }
                else MessagePlayer("[#ffffff]Invalid location", player);
                mysql_free_result( q );
        }
}


Lol, Thanks it works :)