Logger
#4
Nice first plugin.

As NiLSPACE already noted, it is somewhat vulnerable to SQL injection, but I don't agree with his solution. You should instead use prepared statements to insert values into the DB:
local stmt = LOG_DB:prepare("INSERT INTO data (login, message, date) VALUES (?, ?, ?)")
stmt:bind_values(Player:GetName(), Message, os.time())
stmt:execute()
This way the code is clean from any SQL injections and the actual statement is even a bit easier to read.

I'd suggest you don't use the ON_EXECUTE_COMMAND hook, but rather register your command in the regular way, using cPluginManager:BindCommand(), or even better, using the Info.lua file. See here for details: http://luaapi.cuberite.org/InfoFile.html
That way your command gets shown in the help and the server checks that only one plugin registers your command - the admins get a warning message if two plugins try to register the "logger" command.
Reply
Thanks given by: DrMasik , NiLSPACE


Messages In This Thread
Logger - by DrMasik - 08-18-2015, 05:59 AM
RE: Logger - by NiLSPACE - 08-18-2015, 06:15 AM
RE: Logger - by DrMasik - 08-18-2015, 06:18 AM
RE: Logger - by xoft - 08-18-2015, 04:26 PM
RE: Logger - by DrMasik - 08-19-2015, 04:58 AM
RE: Logger - by DrMasik - 08-19-2015, 07:31 AM
RE: Logger - by xoft - 08-19-2015, 04:32 PM
RE: Logger - by DrMasik - 08-19-2015, 08:20 PM
RE: Logger - by xoft - 08-20-2015, 01:01 AM
RE: Logger - by DrMasik - 08-20-2015, 01:56 AM
RE: Logger - by xoft - 08-20-2015, 01:04 AM
RE: Logger - by DrMasik - 08-20-2015, 02:46 AM
RE: Logger - by DrMasik - 08-20-2015, 05:59 PM
RE: Logger - by NiLSPACE - 08-20-2015, 06:12 PM
RE: Logger - by DrMasik - 08-20-2015, 06:23 PM
RE: Logger - by NiLSPACE - 08-20-2015, 06:26 PM
RE: Logger - by DrMasik - 08-20-2015, 06:36 PM
RE: Logger - by NiLSPACE - 08-20-2015, 06:47 PM
RE: Logger - by DrMasik - 08-20-2015, 06:51 PM
RE: Logger - by NiLSPACE - 08-20-2015, 07:18 PM
RE: Logger - by DrMasik - 08-21-2015, 05:57 AM



Users browsing this thread: 2 Guest(s)