thank you for the info, i have some problems using those however:
I'm having a hard time figuring out how to use SQL_QuoteStringFmt, it returns the length of the new string or -1 on failure. so in my example i tried to escape g_admin_joined but i got all sorts of errors such as :
Code:
[SQLERROR]: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'\' , NOW( ) , \'g#\' , \'STEAM_ID_PENDING\' , \'zzz.zzz.zzz.zzz:27005\', \'joine' at line 1
i should mention that i used the ingame name g#'d;#Sdf'_$ for testing purposes.
as you can see it escapes everything.
its not really what i wanted, and i dont quite understand how it works, wouldnt it be easier to have smth like this
Code:
new Handle:query= SQL_PrepareQuery(Handle:db,"INSERT INTO `%s` (`field`) VALUES ('%s)",table_name,SQL_safequotesomething(fieldvalue))
and if theres no such thing then how can i manually escape those hex chars that php's mysq_real_escape_string escapes ?
Code:
\x00, \n, \r, \, ', " and \x1a