[ERR] Unable to prepare statement. Invalid query string

Started by EK.IceFlake, Mar 05, 2017, 08:33 AM

Previous topic - Next topic

EK.IceFlake

I'm trying to create a select query
SQLd <- SQLite.Connection("sqli.db");...
local stmt = SQLd.Query("select * from [players] where lower(name) = '" + SQLite.Escape(player.Name.tolower()) + "'");
But I get this error:
[ERR] Unable to prepare statement. Invalid query string

Why does this occur?

.

Yep. There's a bug in the validation process. It was supposed to be *query == '\0' instead of just *query because the latter always yields true when there's a valid query.

I'll try to push some binaries as soon as possible.

EDIT: A fix was pushed. Waiting to get some free time and build for linux. Should be done in a couple hours.
.

.

.