How can I fix that MySQL problem?

Discussion in 'Spigot Plugin Help' started by xTheMAG, May 31, 2017.

  4. Strahan


    I have no idea about the error, but your SQL code is not safe. It's vulnerable to injections. Never, never, never take input and throw it directly into a SQL string. Now, granted, it looks like what you are showing us is just helpers for yourself coding, which is safer as long as your helper use isn't passing input from a user, but regardless it's still a bad practice. Even if I write a query that only takes input from me or the program, I still parameterize so as not to form bad habits.

    Also.. why for that matter are you making those helpers? If you have .getInt I assume you have it for other datatypes right? So are you programming where you may have a situation like:

    Code (Text):
    playerData["hitpoints"] = object.getInt("players", "hp", "playername", "%Strahan%");
    playerData["int"] = object.getInt("players", "int", "playername", "%Strahan%");
    playerData["dex"] = object.getInt("players", "dex", "playername", "%Strahan%");
    playerData["cha"] = object.getInt("players", "cha", "playername", "%Strahan%");

    If that's something you are doing, STOP IT. That's a horrid performance hit.
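
Added example, not part of Strahan's post or the original poster's code: the two points made above (bind input as a parameter, and load all stats in one query instead of one query per column), shown with Python's sqlite3 so it runs without a MySQL server. The table layout, sample rows and function names are assumptions; in JDBC the same `?` placeholder is bound through a `PreparedStatement`.

```python
import sqlite3

# Column names taken from the post. Identifiers cannot be bound as
# parameters, so they are checked against this fixed allow-list instead.
ALLOWED_STATS = ("hp", "int", "dex", "cha")


def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute(
        'CREATE TABLE players (playername TEXT PRIMARY KEY, '
        'hp INTEGER, "int" INTEGER, dex INTEGER, cha INTEGER)'
    )
    db.executemany(
        "INSERT INTO players VALUES (?, ?, ?, ?, ?)",
        [("Strahan", 20, 14, 12, 9), ("xTheMAG", 18, 10, 16, 11)],
    )
    return db


def get_int_unsafe(db, column, name):
    """The habit the post warns about: input concatenated into the SQL text."""
    sql = 'SELECT "' + column + "\" FROM players WHERE playername = '" + name + "'"
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def load_stats(db, name, stats=ALLOWED_STATS):
    """Fetch every requested stat in one round trip, with the name bound."""
    rejected = [s for s in stats if s not in ALLOWED_STATS]
    if rejected:
        raise ValueError(f"column not allowed: {rejected}")
    cols = ", ".join(f'"{s}"' for s in stats)
    sql = f"SELECT {cols} FROM players WHERE playername = ?"
    row = db.execute(sql, (name,)).fetchone()
    return dict(zip(stats, row)) if row else None


if __name__ == "__main__":
    db = make_db()
    crafted = "nobody' OR '1'='1"  # constructed input containing a quote
    print("one query, all stats:", load_stats(db, "Strahan"))
    print("concatenated, crafted name:", get_int_unsafe(db, "hp", crafted))
    print("parameterized, crafted name:", load_stats(db, crafted))
```

With the concatenated helper the crafted name changes the WHERE clause and a row comes back for a player that does not exist; with the bound parameter the same string is only ever compared as a name.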