TempBan

Started by Finch Real, Jun 13, 2016, 04:58 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Finch Real

Jun 13, 2016, 04:58 PM
I am using Rocky Temp Ban Everythings Works Fine When i Tempban someone and try to untempban it it say Unbanned successful but didn't Untempban that Guy query is still there in db

Untempban Command
Code Select
else if( cmd == "untempban" )
{
if( GetLevel( player ) < 10 ) MessagePlayer("[TEMPBAN] You must be admin of lvl 10 to use this command.", player );
else if( !text ) MessagePlayer("[TEMPBAN] / untempban <Fullname>", player);
else if( !IsBanned( text ) ) MessagePlayer("[TEMPBAN]Player is not banned.", player);
else
{
        QuerySQL( database, "DELETE TABLE FROM Banned WHERE ban_nick='" + text + "' COLLATE NOCASE" );
Message("Unbanned: [ " + text + " ] by Admin: [ " + player.Name + " ]" );

}
}
My Snipet Showroom

http://pastebin.com/5KKuU5cg

Thijn

#1
Jun 13, 2016, 05:11 PM Last Edit: Jun 13, 2016, 05:14 PM by Thijn
That query is wrong, the correct syntax is DELETE FROM Banned. (Remove the TABLE in between).

Also, please sanitize your input. Any admin can just do /untempban ' DELETE FROM Stats --
And your stats table is gone. If it's called that. If not, wouldn't take too long to figure out what it is.

Use mysql_escape_string( string )

Finch Real

#2
Jun 13, 2016, 05:22 PM
Thanks Thijn
Topic Lock
My Snipet Showroom

http://pastebin.com/5KKuU5cg
Print
Go Up Pages1
User actions