HunT Posted October 16, 2012 Share Posted October 16, 2012 (edited) Hi All. i never use this one I working for a new user panel and i want make the Map Shop (no nextmap) First . . the wiki say : Please use executeSQLQuery instead. Why?? i can't use executeSQLCreateTable executeSQLSelect etc.. ? Anyway The Table : function theTable () executeSQLCreateTable ( "mapOwner", "nameMap TEXT, ownerMap TEXT, priceMap INTEGER" ) end addEventHandler ( "onResourceStart", getRootElement(), theTable ) -- other event The Table is Ok (maybe) My question is : who i can get/set the parameter for edit? Tnx Edited October 16, 2012 by Guest Link to comment
Anderl Posted October 16, 2012 Share Posted October 16, 2012 After you create the table, you must delete the table or edit it on the SQL file. I guess there's no other way to edit it. Btw, I ever prefer using queries instead of these default functions. Link to comment
HunT Posted October 16, 2012 Author Share Posted October 16, 2012 (edited) Re Open Discussion Edited October 16, 2012 by Guest Link to comment
myonlake Posted October 16, 2012 Share Posted October 16, 2012 Can u delete this please. There may be other people having similar issue so I'd rather not delete the thread. Link to comment
HunT Posted October 16, 2012 Author Share Posted October 16, 2012 Sounds Good myonlake Omg after 45 min. i now know how work (maybe) Now i have make this : local thisResourceRoot = getResourceRootElement(getThisResource()) addEventHandler ( "onResourceStart", thisResourceRoot, function() executeSQLQuery("CREATE TABLE IF NOT EXISTS OwnersMaps (nameMap TEXT, ownerMap TEXT, priceMap INTEGER)") end) addEvent("onMapStarting",true) addEventHandler("onMapStarting",getRootElement(), function (mapInfo) local name = mapInfo.name or "Unknown" if name then local tableMap = executeSQLQuery ( "SELECT * FROM OwnersMaps WHERE nameMap = '" ..name.. "'" ) if not tableMap or # tableMap == 0 then executeSQLQuery( "INSERT INTO OwnersMaps VALUES ('"..name.."','Waiting', 'Waiting')" ) end end end ) Link to comment
TAPL Posted October 17, 2012 Share Posted October 17, 2012 it's better for you to do like the examples in the wiki. https://wiki.multitheftauto.com/wiki/ExecuteSQLQuery Notice the lack of single quotes around the "?" in this example, even though it represents a string. executeSQLQuery will see that the playerName variable is a string and take care of the correct execution of the query by itself.The advantage of using executeSQLQuery is that it is immune to users trying to exploit the query with an SQL injection attack. playerName may contain special characters like ', " or -- that will not influence the query, unlike the older approach where playerName would be concatenated into the query string. Link to comment
TwiX! Posted October 17, 2012 Share Posted October 17, 2012 executeSQLQuery("INSERT INTO OwnersMaps VALUES (?,?,?)",name,'waiting','waiting') Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now