Bail,
I've run into a similiar problem with escape characters and player names in SQL. Check the following example:
Code:
public Action:Command_test2(client, args)
{
decl String:query[255];
decl String:player_name[50];
decl String:quoted_query[255];
strcopy(player_name, sizeof(player_name), "Dave //*SmackDown*\\");
PrintToServer("Player Name: %s", player_name);
Format(query,
sizeof(query),
"insert into player_name (steam_id, name) values ('123','%s')", player_name);
PrintToServer("First Query: %s", query);
SQL_QuoteString(g_db, query, player_name, sizeof(player_name));
Format(quoted_query,
sizeof(quoted_query),
"insert into player_name (steam_id, name) values ('123','%s')", player_name);
PrintToServer("Second Query: %s", quoted_query);
DoQuery(client, quoted_query);
return Plugin_Handled;
}
If a player comes into the server with a single slash at the end of their name, the formatted query to insert them will fail, because
\' is mistaken as a escape character... (or so I assume). I've been stripping "\" slashes out of names to prevent this...
What would you think about a "SQL_CleanString" function that would fix the quote issues and fix the slash problem?
Scuzzy