Raised This Month: $ Target: $400
 0% 

Server crashes on every Mapchange


Post New Thread Reply   
 
Thread Tools Display Modes
Schwabba
Senior Member
Join Date: Apr 2008
Old 08-16-2011 , 14:24   Re: Server crashes on every Mapchange
Reply With Quote #11

The full code = 5806 lines and i won't give it away, but the part of the code loooks like:

PHP Code:
public Load_MySql(id)
{
    if(
g_sql_ready)
    {
        if(
g_SqlTuple == Empty_Handle)
        {
            
set_fail_state(g_Error)
        }

        new 
szSteamId[32], szTemp[512]
        
get_user_authid(idszSteamIdcharsmax(szSteamId))

        new 
Data[1]
        
Data[0] = id
        
if(szSteamId[11])
        {
            
format(szTemp,charsmax(szTemp),"SELECT * FROM `furienmoney` WHERE (`furienmoney`.`steamid` = '%s')"szSteamId)
            
SQL_ThreadQuery(g_SqlTuple,"register_client",szTemp,Data,1)
        }
        else
        {
            
set_task(2.0,"Load_MySql"id)
        }
    }
}

public 
register_client(FailState,Handle:Query,Error[],Errcode,Data[],DataSize)
{
    if(
FailState == TQUERY_CONNECT_FAILED)
    {
        
log_amx("Load - Could not connect to SQL database.  [%d] %s"ErrcodeError)
    }
    else if(
FailState == TQUERY_QUERY_FAILED)
    {
        
log_amx("Load Query failed. [%d] %s"ErrcodeError)
    }
    new 
id
    id 
Data[0]
    if(
SQL_NumResults(Query) < 1
    {
        
//.if there are no results found

        
new szSteamId[32], szName[32], szQuotedName[64]
        
get_user_authid(idszSteamIdcharsmax(szSteamId))
        
get_user_name(idszName31)
        
SQL_QuoteString(g_SqlConnectionszQuotedName63szName)

        if (
equal(szSteamId,"ID_PENDING"))
        {
            return 
PLUGIN_HANDLED
        
}
            
        new 
szTemp[512]
        new 
time get_systime()

        
format(szTemp,charsmax(szTemp),"INSERT INTO `furienmoney` ( `steamid` , `name` , `money` , `time`, `ac_money1`, `ac_money2`, `ac_money3`, `ac_fseen`, `ac_lseen`, `ac_shop`, `time1_unlock`, `time2_unlock`, `time3_unlock`, `money1_unlock`, `money2_unlock`, `money3_unlock`, `shop1_unlock`, `shop2_unlock`, `shop3_unlock`, `shop4_unlock`, `shop5_unlock`) VALUES ('%s','%s','0','0','0','0','0','%i','%i','z','0','0','0','0','0','0','0','0','0','0','0');",
        
szSteamIdszQuotedNametimetime)
        
SQL_ThreadQuery(g_SqlTuple,"IgnoreHandle",szTemp)

        
format(szTemp,charsmax(szTemp),"INSERT INTO `furienmoney` ( `shop6_unlock`, `shop7_unlock`, `shop8_unlock`, `shop9_unlock`, `shop10_unlock`, `love_unlock`, `ac_camp`, `camp1_unlock`, `camp2_unlock`, `camp3_unlock`, `ac_run`, `run1_unlock`, `run2_unlock`, `run3_unlock`, `health_unlock`, `schwabba_unlock`, `ac_knife`, `knife_unlock`, `last_unlock`) VALUES ('0','0','0','0','0','0','0','0','0','0','0','0','0','0','0','0','0','0','0');",
        
szSteamIdszQuotedNametimetime)
        
SQL_ThreadQuery(g_SqlTuple,"IgnoreHandle",szTemp)

        
format(szTemp,charsmax(szTemp),"INSERT INTO `furienmoney` ( `ac_rounds`, `virus_unlock`, `ac_one`, `one_unlock`, `ac_defuse`, `defuse_unlock`, `ac_plant`, `plant_unlock`, `ac_units`, `units_unlock`, `para_unlock`, `start_unlock`, `ac_streak`, `streak_unlock`, `all_unlock`, `ac_anti`, `anti1_unlock`, `anti2_unlock`, `anti3_unlock`) VALUES ('0','0','0','0','0','0','0','0','0','0','0','0','0','0','0','0','0','0','0');",
        
szSteamIdszQuotedNametimetime)
        
SQL_ThreadQuery(g_SqlTuple,"IgnoreHandle",szTemp)

        
format(szTemp,charsmax(szTemp),"INSERT INTO `furienmoney` ( `ac_furi`, `furi1_unlock`, `furi2_unlock`, `furi3_unlock`, `ac_ak47`, `ak47_unlock`, `ac_m4a1`, `m4a1_unlock`, `ac_mp5`, `mp5_unlock`, `ac_xm1014`, `xm1014_unlock`, `ac_m3`, `m3_unlock`, `ac_deagle`, `deagle_unlock`, `ac_messer`, `messer_unlock`, `ac_nade`, `nade_unlock`, `ac_total`) VALUES ('0','0','0','0','0','0','0','0','0','0','0','0','0','0','0','0','0','0','0','0','0');",
        
szSteamIdszQuotedNametimetime)
        
SQL_ThreadQuery(g_SqlTuple,"IgnoreHandle",szTemp)

    } 
    else 
    {
        
iMoney[id]        = SQL_ReadResult(Query2)
        
iMoney2[id]        = SQL_ReadResult(Query2)
        
ac_time[id]        = SQL_ReadResult(Query3)
        
ac_money1[id]        = SQL_ReadResult(Query4)
        
ac_money2[id]        = SQL_ReadResult(Query5)
        
ac_money3[id]        = SQL_ReadResult(Query6)
        
ac_fseen[id]        = SQL_ReadResult(Query7)
        
SQL_ReadResult(Query9ac_shop[id], 19)
        
ac_love[id]        = SQL_ReadResult(Query26)
        
ac_camp[id]        = SQL_ReadResult(Query27)
        
ac_run[id]        = SQL_ReadResult(Query31)
        
ac_run_old[id]        = SQL_ReadResult(Query31)
        
ac_health[id]        = SQL_ReadResult(Query35)
        
ac_schwabba[id]        = SQL_ReadResult(Query36)
        
ac_knife[id]        = SQL_ReadResult(Query37)
        
ac_last[id]        = SQL_ReadResult(Query39)
        
ac_rounds[id]        = SQL_ReadResult(Query40)
        
ac_virus[id]        = SQL_ReadResult(Query41)
        
ac_one[id]        = SQL_ReadResult(Query42)
        
ac_defuse[id]        = SQL_ReadResult(Query44)
        
ac_plant[id]        = SQL_ReadResult(Query46)
        
ac_units[id]        = SQL_ReadResult(Query48)
        
ac_para[id]        = SQL_ReadResult(Query50)
        
ac_start[id]        = SQL_ReadResult(Query51)
        
ac_topstreak[id]        = SQL_ReadResult(Query52)
        
ac_all[id]        = SQL_ReadResult(Query54)
        
ac_all2[id]        = SQL_ReadResult(Query54)
        
ac_anti[id]        = SQL_ReadResult(Query55)
        
ac_furi[id]        = SQL_ReadResult(Query59)
        
ac_ak47[id]        = SQL_ReadResult(Query63)
        
ac_m4a1[id]        = SQL_ReadResult(Query65)
        
ac_mp5[id]        = SQL_ReadResult(Query67)
        
ac_xm1014[id]        = SQL_ReadResult(Query69)
        
ac_m3[id]        = SQL_ReadResult(Query71)
        
ac_deagle[id]        = SQL_ReadResult(Query73)
        
ac_messer[id]        = SQL_ReadResult(Query75)
        
ac_nade[id]        = SQL_ReadResult(Query77)
        
ac_kevin[id]        = SQL_ReadResult(Query82)
        
ac_total[id] = 0
        
if(ac_time[id] >= 3600)
        {
            
ac_time2[id] = true
            ac_total
[id]++
        }
        if(
ac_time[id] >= 86400)
        {
            
ac_time3[id] = true
            ac_total
[id]++
        }
        if(
ac_time[id] >= 604800)
        {
            
ac_time4[id] = true
            ac_total
[id]++
        }
        if(
ac_money1[id])
        {
            
ac_total[id]++
        }
        if(
ac_money2[id])
        {
            
ac_total[id]++
        }
        if(
ac_money3[id])
        {
            
ac_total[id]++
        }
        if(!
ac_fseen[id])
        {
            
ac_fseen[id] = get_systime()
        }
        if(
contain(ac_shop[id],"a") != -1)
        {
            
ac_total[id]++
        }
        if(
contain(ac_shop[id],"b") != -1)
        {
            
ac_total[id]++
        }
        if(
contain(ac_shop[id],"c") != -1)
        {
            
ac_total[id]++
        }
        if(
contain(ac_shop[id],"d") != -1)
        {
            
ac_total[id]++
        }
        if(
contain(ac_shop[id],"e") != -1)
        {
            
ac_total[id]++
        }
        if(
contain(ac_shop[id],"f") != -1)
        {
            
ac_total[id]++
        }
        if(
contain(ac_shop[id],"g") != -1)
        {
            
ac_total[id]++
        }
        if(
contain(ac_shop[id],"h") != -1)
        {
            
ac_total[id]++
        }
        if(
contain(ac_shop[id],"i") != -1)
        {
            
ac_total[id]++
        }
        if(
contain(ac_shop[id],"a") != -&& contain(ac_shop[id],"b") != -&& contain(ac_shop[id],"c") != -&& contain(ac_shop[id],"d") != -&& contain(ac_shop[id],"e") != -&& contain(ac_shop[id],"f") != -&& contain(ac_shop[id],"g") != -&& contain(ac_shop[id],"h") != -&& contain(ac_shop[id],"i") != -1)
        {
            
ac_total[id]++
        }
        if(
ac_love[id])
        {
            
ac_total[id]++
        }
        if(
ac_camp[id] >= 5)
        {
            
ac_total[id]++
        }
        if(
ac_camp[id] >= 25)
        {
            
ac_total[id]++
        }
        if(
ac_camp[id] >= 50)
        {
            
ac_total[id]++
        }
        if(
ac_run[id] >= 320000)
        {
            
ac_total[id]++
        }
        if(
ac_run[id] >= 3200000)
        {
            
ac_total[id]++
        }
        if(
ac_run[id] >= 32000000)
        {
            
ac_total[id]++
        }
        if(
ac_health[id])
        {
            
ac_total[id]++
        }
        if(
ac_schwabba[id])
        {
            
ac_total[id]++
        }
        if(
ac_kevin[id])
        {
            
ac_total[id]++
        }
        if(
ac_knife[id] >= 3)
        {
            
ac_total[id]++
        }
        if(
ac_virus[id])
        {
            
ac_total[id]++
        }
        if(
ac_last[id])
        {
            
ac_total[id]++
        }
        if(
ac_one[id] >= 10)
        {
            
ac_total[id]++
        }
        if(
ac_defuse[id] >= 15)
        {
            
ac_total[id]++
        }
        if(
ac_plant[id] >= 15)
        {
            
ac_total[id]++
        }
        if(
ac_units[id] >= 1500)
        {
            
ac_total[id]++
        }
        if(
ac_para[id])
        {
            
ac_total[id]++
        }
        if(
ac_start[id])
        {
            
ac_total[id]++
        }
        if(
ac_topstreak[id] >= 5)
        {
            
ac_total[id]++
        }
        if(
ac_all[id])
        {
            
ac_total[id]++
        }
        if(
ac_anti[id] >= 50)
        {
            
ac_anti1[id] = true
            ac_total
[id]++
        }
        if(
ac_anti[id] >= 250)
        {
            
ac_anti2[id] = true
            ac_total
[id]++
        }
        if(
ac_anti[id] >= 500)
        {
            
ac_anti3[id] = true
            ac_total
[id]++
        }
        if(
ac_furi[id] >= 50)
        {
            
ac_furi1[id] = true
            ac_total
[id]++
        }
        if(
ac_furi[id] >= 250)
        {
            
ac_furi2[id] = true
            ac_total
[id]++
        }
        if(
ac_furi[id] >= 500)
        {
            
ac_furi3[id] = true
            ac_total
[id]++
        }
        if(
ac_ak47[id] >= 50)
        {
            
ac_total[id]++
        }
        if(
ac_m4a1[id] >= 50)
        {
            
ac_total[id]++
        }
        if(
ac_mp5[id] >= 50)
        {
            
ac_total[id]++
        }
        if(
ac_xm1014[id] >= 50)
        {
            
ac_total[id]++
        }
        if(
ac_m3[id] >= 50)
        {
            
ac_total[id]++
        }
        if(
ac_deagle[id] >= 50)
        {
            
ac_total[id]++
        }
        if(
ac_messer[id] >= 50)
        {
            
ac_total[id]++
        }
        if(
ac_nade[id] >= 50)
        {
            
ac_total[id]++
        }
        if(
ac_total[id] >= 50)
        {
            
ac_total[id]++
        }
        new 
szLogname[32], szLogauth[32];
        
get_user_name(idszLognamecharsmax(szLogname));
        
get_user_authid(idszLogauthcharsmax(szLogauth));
        
log_to_file("Moneylog.txt""Loaded %i$ of %s (%s)."iMoney[id], szLognameszLogauth)
        
set_task(0.2,"give_money"id)
    }
    
g_loaded[id] = true
    
return PLUGIN_HANDLED
}

public 
Save_MySql(id)
{
    if(
g_loaded[id] && iStart[id])
    {
        new 
szSteamId[32], szTemp[512], szName[32], szQuotedName[64], money
        get_user_authid
(idszSteamIdcharsmax(szSteamId))
        
get_user_name(idszName31)
        
SQL_QuoteString(g_SqlConnectionszQuotedName63szName)
        
money iMoney[id] - iMoney2[id]
        new 
time get_systime()
        
format(szTemp,charsmax(szTemp),"UPDATE `furienmoney` SET `name` = '%s', `money` = `money` +%i, `time` = '%i', `ac_money1` = '%i', `ac_money2` = '%i', `ac_money3` = '%i', `ac_fseen` = '%i', `ac_lseen` = '%i', `ac_shop` = '%s', `ac_camp` = '%i', `ac_run` = '%i', `ac_knife` = '%i', `ac_rounds` = '%i', `ac_one` = '%i', `ac_defuse` = '%i', `ac_plant` = '%i', `ac_units` = '%i', `ac_streak` = '%i' WHERE `furienmoney`.`steamid` = '%s';",
        
szQuotedName,money,ac_time[id],ac_money1[id],ac_money2[id],ac_money3[id],ac_fseen[id],time,ac_shop[id],ac_camp[id],ac_run[id],ac_knife[id],ac_rounds[id],ac_one[id],ac_defuse[id],ac_plant[id],ac_units[id],ac_topstreak[id],szSteamId)
        
SQL_ThreadQuery(g_SqlTuple,"IgnoreHandle",szTemp)
        
format(szTemp,charsmax(szTemp),"UPDATE `furienmoney` SET `ac_anti` = '%i', `ac_furi` = '%i', `ac_ak47` = '%i', `ac_m4a1` = '%i', `ac_mp5` = '%i', `ac_xm1014` = '%i', `ac_m3` = '%i', `ac_deagle` = '%i', `ac_messer` = '%i', `ac_nade` = '%i', `ac_total` = '%i', `ac_status` = '1' WHERE `furienmoney`.`steamid` = '%s';",
        
ac_anti[id],ac_furi[id],ac_ak47[id],ac_m4a1[id],ac_mp5[id],ac_xm1014[id],ac_m3[id],ac_deagle[id],ac_messer[id],ac_nade[id],ac_total[id],szSteamId)
        
SQL_ThreadQuery(g_SqlTuple,"IgnoreHandle",szTemp)
        new 
szLogname[32], szLogauth[32];
        
get_user_name(idszLognamecharsmax(szLogname));
        
get_user_authid(idszLogauthcharsmax(szLogauth));
        
log_to_file("Moneylog.txt""Changed money of %s (%s) to %i$. Old money: %i"szLognameszLogauthiMoney[id], iMoney2[id])
        
iMoney2[id] = iMoney[id]
    }

Schwabba is offline
Exolent[jNr]
Veteran Member
Join Date: Feb 2007
Location: Tennessee
Old 08-16-2011 , 14:30   Re: Server crashes on every Mapchange
Reply With Quote #12

Quote:
Originally Posted by Schwabba View Post
The full code = 5806 lines and i won't give it away, but the part of the code loooks like:
Well that doesn't help.
__________________
No private work or selling mods.
Quote:
Originally Posted by xPaw View Post
I love you exolent!
Exolent[jNr] is offline
Schwabba
Senior Member
Join Date: Apr 2008
Old 08-16-2011 , 14:34   Re: Server crashes on every Mapchange
Reply With Quote #13

Why? You said you need the MySql Query.
Schwabba is offline
Exolent[jNr]
Veteran Member
Join Date: Feb 2007
Location: Tennessee
Old 08-16-2011 , 14:40   Re: Server crashes on every Mapchange
Reply With Quote #14

Quote:
Originally Posted by Schwabba View Post
You said you need the MySql Query.
Where?

Quote:
Originally Posted by Exolent[jNr] View Post
Show the full code.

Also, you don't have to use SQL_QuoteString().
If you know the format of the queries, you can replace the escape characters easily.
__________________
No private work or selling mods.
Quote:
Originally Posted by xPaw View Post
I love you exolent!
Exolent[jNr] is offline
Schwabba
Senior Member
Join Date: Apr 2008
Old 08-16-2011 , 15:26   Re: Server crashes on every Mapchange
Reply With Quote #15

Sure i know the format of the queries, but what are escape characters and how to change them?
Schwabba is offline
Exolent[jNr]
Veteran Member
Join Date: Feb 2007
Location: Tennessee
Old 08-16-2011 , 15:36   Re: Server crashes on every Mapchange
Reply With Quote #16

It seems you are enclosing your data in single quotes.
Therefore, any string that contains single quotes is liable to break/inject your query.

To fix this, replace all single quotes with 2 single quotes.
' -> ''
__________________
No private work or selling mods.
Quote:
Originally Posted by xPaw View Post
I love you exolent!
Exolent[jNr] is offline
Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 06:42.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode