hello. i want to store player's nickname into mysql database, but with doing escape string, im thinking of using:
Code:
new name[ 32 ]
SQL_PrepareQuery( name, name, 32 * 2 )
...
stock SQL_PrepareString( const source[], dest[], len )
{
copy( dest, len, source )
replace_all( dest, len, "\\", "\\\\" )
replace_all( dest, len, "\0", "\\0" )
replace_all( dest, len, "\n", "\\n" )
replace_all( dest, len, "\r", "\\r" )
replace_all( dest, len, "\x1a", "\Z" )
replace_all( dest, len, "'", "\'" )
replace_all( dest, len, "^"", "\^"" )
}
Also i saw code (and used once, but im still confused how efficient is that function) for other 'method':
Code:
new name[ 32 ], escName[ 64 ]
SQL_QuoteString( Empty_Handle, escName, charsmax( escName ), name )
then use escName for query input
What would be the best solution to use, with having in mind connected nickname should be equal from mysql (like doing reversed escape nickname?) ? Thanks in advace!
__________________