(08 Jan 11, 07:11PM)Luc@s Wrote: Ok Fiz first thanks a lot for sharing your stuff ! good work btw
But sadly it's not really what we're aiming at (or at least what I am aiming at :D).
Actually, focus is to make the server saves stats himself. Because 1) it's the best "side" to save stats, and 2) it can saves more things (like accuracy).
But your system is really interesting for match-following for example :D
I need to try YAML.
gonna do that.
Maybe it would be a good idea for the devs to make it possible to write "modules" that allowed stuff like hooks on events so that outside code can be added to catch kills/teamkills/game changes and all that. Maybe a sort of api. Maybe out of the scope or this thread? or MAYBE the first example module can be a module that creates stats :D
(08 Jan 11, 07:39PM)tempest Wrote:PHP class Wrote:also I am sure the $buffer needs to be sanitized more
mysql_real_escape_string(), always use the specific function for the database you're using. Other than that, why?
mysql_real_escape_string will work fine but the reason is I could see people who might "know" its ran inside of php and in its current state of insertion someone could fool addslashes and execute a mysql query inside of that query to damage the database or various other things with a well crafted message in the game.