• tmysql problem saving to database.
    7 replies, posted
This is my first attempt using anything related to SQL on GMod. This far it doesn't return a error but it doesnt save to my database. I have no idea what is wrong. [lua] require("tmysql") tmysql.initialize("**********", "**********", "**********", "**********", 3306, 2, 2) function LoadAccount(pl) steamID = pl:SteamID() tmysql.query("SELECT SteamID, Money, Model FROM rp_accounts WHERE SteamID = '"..steamID.."'", function( result ) if result then CompleteAccount( pl ) else CreateAccount( pl ) end end ) end function CompleteAccount ( pl ) SteamID = tmysql.query("SELECT SteamID FROM rp_accounts WHERE SteamID = '"..steamID.."'") Money = tmysql.query("SELECT Money FROM rp_accounts WHERE SteamID = '"..steamID.."'") Model = tmysql.query("SELECT Model FROM rp_accounts WHERE SteamID = '"..steamID.."'") pl:SetNWString("SteamID", SteamID) pl:SetNWInt("Money", Money) pl:SetNWInt("Model", Model) end function CreateAccount(pl) local steamid = pl:SteamID() local name = pl:Name() local money = 500 local model = 'models/police.mdl' tmysql.query("INSERT INTO rp_accounts (SteamID,Name,Money,Model) VALUES ('"..steamid.."','"..name.."','"..money.."',"..model..")") end function SaveStat ( pl ) Money = pl:GetNWInt("Money") SteamID = pl:GetNWString ("SteamID") tmysql.query("UPDATE rp_accounts SET Money = "..Money.." WHERE SteamID = '"..SteamID.."'") end function PlayerInitialSpawn( pl ) timer.Create("Steam_id_delay", 1, 1, function() SteamID = pl:SteamID() pl:SetNWString("SteamID", SteamID) timer.Create("SaveStat", 5, 1, function() SaveStat( pl ) end) LoadAccount( pl ) end) end hook.Add( "PlayerInitialSpawn", "PlayerInitialSpawn", PlayerInitialSpawn ) [/lua]
You're not using tmysql correctly. You use a callback function, like so, for selecting data from the database. [lua] local playerinfo = {} tmysql.query( "SELECT steamid, name, rank FROM members;", function( result, status, err ) if status then for k,data in pairs( result ) do table.insert( playerinfo, { name = data["name"], steamid = data["steamid"], rank = data["rank"] } ) end else ServerLog( err ) end end, 1 ) [/lua] [lua]tmysql.query( Format( "INSERT INTO donations VALUES ( '%s', '%s', '%s', '%s', '%s' )", steamid, email, money, date, transactionid ), function( result, status, err ) if !status then ServerLog( err ) end end )[/lua] These are just examples. tmysql.query( querystring, function callback, callback type )
This realy confuses me.. :/
Could someone else kinda like, explain what I can do to fix it?..
You should really escape the player name... ;drop your table ;)
What does "escape player name" mean? Would be nice knowing what the crap I'm doing instead of just doing something :P
[url]http://wiki.garrysmod.com/?title=Tmysql.escape_real[/url] It prevents that db stuff is ran from player names for example. A player could be named ';drop rp_accounts. So the statement which is saving the stuff would end and it would execute the drop. However, I am not the best with that stuff, it might not be that easy. But it's possible.
Oh, thanks for the "head up"!
Sorry, you need to Log In to post a reply to this thread.