you have a wasteful 'getcallstack()' call in read() and your sanitize SQL function references a non-existent function.
escapestring2(text); is the built-in function for sanitizing values for SQLite queries.
PHP Code:
public function read(temp.query_name, temp.args, temp.debug, temp.db) {
return execute(temp.query_name, true, temp.args, temp.debug, temp.db);
}
function sanitize_sqlite(temp.text) {
return escapestring2(temp.text);
}
personally I like to do my queries in-line and sanitize the parameters (escapestring2 for strings, int for integers, float for decimals):
PHP Code:
temp.sql = "
SELECT scores
FROM leaderboards
WHERE acct = '%s' AND score > %s
";
temp.sql = format(temp.sql, escapestring2(temp.acct), int(temp.min_score));
other optimization tips: putting your files under level/sql would let you utilize onlevelfileupdated then you could automatically cache all your SQL queries into memory/variables instead of reading from file.
03-13-2018, 04:34 PM
Hybrid Mode
