if (player->AddItem(item, count))
{
std::string DateTime = “%Y-%m-%d %H:%M:%S”;
ItemTemplate const* itemTemplate = sObjectMgr->GetItemTemplate(item);
player->DestroyItemCount(37711, cost, true);
LoginDatabase.PQuery(“INSERT INTO auth.donation_purchases (account_id, character_name, character_guid, donation_item_id, donation_item_name, donation_item_amount, date) VALUES (‘%u’, ‘%s’, ‘%u’, ‘%u’, ‘%s’, ‘%u’, date)”, player->GetSession()->GetAccountId(), player->GetName().c_str(), player->GetGUIDLow(), item, itemTemplate->Name1.c_str(), count, DateTime.c_str());
ChatHandler(player->GetSession()).SendSysMessage(“Your points are taken and your item is given!!!”);
player->SaveToDB();
}
How can i use a mysql_real_string_escape in my Code ?
If i buy items with ’ in the name i get this error :
[1064] You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘s Souvenir’, ‘1’, date)’ at line 1
Error while parsing SQL. Core fix required.
I need to escape the string …