C# / Java Programmer
- Joined
- Jan 1, 2007
- Messages
- 346
- Reaction score
- 177
I think he might be high on something since I also don't really understand what he is trying to say.
I mean, I'm excited. Not anxious, my bad.Probably, I mean, it would be weird if he actually was anxious
dbConnection.SetQuery("SELECT * FROM rooms WHERE name LIKE [USER=111754]search[/USER] OR owner_id IN (SELECT id FROM players WHERE username LIKE [USER=111754]search[/USER])");
dbConnection.AddParameter( [USER=111754]search[/USER]", "%" + search + "%");
result = dbConnection.GetTable();
Dear developer,
Aurora Emulator is a projectname of Mikey (@EvilCoder). You should change your name because it already exist.
Dear developer,
Aurora Emulator is a projectname of Mikey (@EvilCoder). You should change your name because it already exist.
Love the mention inside your code tag
string query = "UPDATE rooms SET ";
MySqlParameter[] parameters = new MySqlParameter[columns.Length + 1];
for (int i = 0; i < columns.Length && i < values.Length; i++)
{
if (i > 0)
query += ", ";
query += $"{columns[i]} = @{columns[i]}";
parameters[i] = new MySqlParameter($"@{columns[i]}", values[i]);
}
query += " WHERE id = @ roomId";
parameters[parameters.Length - 1] = new MySqlParameter("@ roomId", Id);
A small update:
Rooms before room icon save:
What I change the icon into:
Rooms after room icon save:
(NOTE: IGNORE the UberEmu and Bfly githubs, NO code is taken from it, only reference to packets!)
PHP:string query = "UPDATE rooms SET "; MySqlParameter[] parameters = new MySqlParameter[columns.Length + 1]; for (int i = 0; i < columns.Length && i < values.Length; i++) { if (i > 0) query += ", "; query += $"{columns[i]} = @{columns[i]}"; parameters[i] = new MySqlParameter($"@{columns[i]}", values[i]); } query += " WHERE id = @ roomId"; parameters[parameters.Length - 1] = new MySqlParameter("@ roomId", Id);
What the duck is this injectable query...
I think use += for the string query is not the best way.
Then what? There's no way to generate a query based on parameters of a function (which will only be made in the emulator, without user input, and the user input there is is stored in MySqlParameter) without using +=.
I said for concat string, i always prefer to use a stringbuilder or something like that
You must be registered to see links
So what does the StringBuilder class do better than a "+=" operator in this scenario?
So what does the StringBuilder class do better than a "+=" operator in this scenario?
Not returning a new string when appending.
Okay, I will use StringBuilder then. As for how much columns, it can be either 1, 2, 3 or like 8. It depends on where you use it.