SQL in script

[Fratini]

Hi!

The script check if the map where the user died is in the table 'maps_nod'. It returns 1 if the map is there. The 'var1' is INT and has 1 in all maps.

query_sql "SELECT `var1` FROM `maps_nod` WHERE `map_name`='"+strcharinfo(3)+"'",@map;
if(!@map){

I tried using only strings before but still didn't work.

query_sql "SELECT `map_name` FROM `maps_nod` WHERE `map_name`='"+strcharinfo(3)+"'",@map$;
if(!@map$){

I don't know what else I can do =\

 

Thank you for your time

 

Edit:

After a LONG search and research through google, rAthena I found nothing useful. I start to search for new commands that I didn't know in script_commands and BAM! Fixed 

 

For those who have or had the same problem...

Use escape_sql(<value>):

*escape_sql(<value>)

Converts the value to a string and escapes special characters so that it is safe to
use in query_sql(). Returns the escaped form of the given value.

Example:
	.@name$ = "John's Laptop";
	.@esc_str$ = escape_sql(.@name$); // Escaped string: John\'s Laptop

In my case will be like:

query_sql "SELECT `map_name` FROM `maps_nod` WHERE `map_name`='"+escape_sql(strcharinfo(3))+"'",@map$;
if(!@map$){

Or I could do like:

set @str$,strcharinfo(3);
query_sql "SELECT `map_name` FROM `maps_nod` WHERE `map_name`='"+escape_sql(@str$)+"'",@map$;
if(!@map$){

Edited April 18, 2016 by Fratini

[Ninja]

Well, I'm not really sure how will be able to help you with so little info on what you're trying to achieve.

[Emistry]

@Ninja

I believe Fratini solved his issue by adding the usage of escape_sql when using query_sql.

 

certain characters required to use escape_sql to be used in SQL statement. 

[Ninja]

@Emistry

Yes I understand. I was looking into future posts