03-13-2018, 04:34 PM
fowlplay4
You have a wasteful 'getcallstack()' call in read(), and your sanitize SQL function references a non-existent function.

escapestring2(text); is the built-in function for sanitizing values for SQLite queries.

PHP Code:
public function read(temp.query_name, temp.args, temp.debug, temp.db) {
  return execute(temp.query_name, true, temp.args, temp.debug, temp.db);
}

// escapestring2() is the built-in escape for SQLite string values
function sanitize_sqlite(temp.text) {
  return escapestring2(temp.text);
}

Personally, I like to do my queries in-line and sanitize the parameters (escapestring2 for strings, int for integers, float for decimals):

PHP Code:
temp.sql = "
  SELECT scores 
  FROM leaderboards 
  WHERE acct = '%s' AND score > %s
";
// escapestring2() for the string parameter, int() for the integer parameter
temp.sql = format(temp.sql, escapestring2(temp.acct), int(temp.min_score));

Other optimization tips: putting your files under level/sql would let you utilize onlevelfileupdated; then you could automatically cache all your SQL queries into memory/variables instead of reading from file.
Last edited by fowlplay4; 03-13-2018 at 04:58 PM..
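An added example, not part of the original post or the game's scripting API: it checks the escape-and-format approach described above against SQLite bound parameters, using Python's sqlite3 module as a stand-in for the server's SQLite. The helper escape_sqlite assumes escapestring2 doubles single quotes; the table layout, rows and function names are constructed for illustration.

```python
import sqlite3

# Constructed sample rows (not from the post); several names contain quotes.
ROWS = [("O'Brien", 120), ("O'Brien", 40), ("alice", 300), ("it''s", 75), ("", 60)]

QUERY = ("SELECT score FROM leaderboards "
         "WHERE acct = '%s' AND score > %s ORDER BY score")

def escape_sqlite(text):
    """Assumed stand-in for escapestring2: double each single quote."""
    return str(text).replace("'", "''")

def make_db(rows=ROWS):
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE leaderboards (acct TEXT, score INTEGER)")
    db.executemany("INSERT INTO leaderboards VALUES (?, ?)", rows)
    return db

def scores_formatted(db, acct, min_score, escape=True):
    """In-line query as in the post: escape the string, int() the number."""
    acct_sql = escape_sqlite(acct) if escape else acct
    sql = QUERY % (acct_sql, int(min_score))  # Python int() raises on non-numeric text
    return [row[0] for row in db.execute(sql)]

def scores_bound(db, acct, min_score):
    """Reference result: the same query with SQLite bound parameters."""
    cur = db.execute(
        "SELECT score FROM leaderboards WHERE acct = ? AND score > ? ORDER BY score",
        (acct, int(min_score)))
    return [row[0] for row in cur]

def mismatches(db, accts, min_score):
    """Accounts for which the escaped in-line query disagrees with the reference."""
    return [a for a in accts
            if scores_formatted(db, a, min_score) != scores_bound(db, a, min_score)]

if __name__ == "__main__":
    db = make_db()
    print(scores_formatted(db, "O'Brien", 50))
    print(mismatches(db, sorted({a for a, _ in ROWS}), 50))
    try:
        scores_formatted(db, "O'Brien", 50, escape=False)
    except sqlite3.OperationalError as err:
        print("unescaped value broke the statement:", err)
```

An empty list from mismatches means the escaped in-line query returned the same rows as the bound-parameter query for every sample account name.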