View Single Post
  #2  
Old 03-13-2018, 03:34 PM
fowlplay4 fowlplay4 is offline
team canada
fowlplay4's Avatar
Join Date: Jul 2004
Location: Canada
Posts: 5,200
fowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond repute
you have a wasteful 'getcallstack()' call in read() and your sanitize SQL function references a non-existent function.

escapestring2(text); is the built-in function for sanitizing values for SQLite queries.

Graal Script Code:
public function read(temp.query_nametemp.argstemp.debugtemp.db) {
  return 
execute(temp.query_nametruetemp.argstemp.debugtemp.db);
}

function 
sanitize_sqlite(temp.text) {
  return 
escapestring2(temp.text);

personally I like to do my queries in-line and sanitize the parameters (escapestring2 for strings, int for integers, float for decimals):

Graal Script Code:
temp.sql "
  SELECT scores 
  FROM leaderboards 
  WHERE acct = '%s' AND score > %s
"
;
temp.sql format(temp.sqlescapestring2(temp.acct), int(temp.min_score)); 
other optimization tips: putting your files under level/sql would let you utilize onlevelfileupdated then you could automatically cache all your SQL queries into memory/variables instead of reading from file.
__________________
Quote:

Last edited by fowlplay4; 03-13-2018 at 03:58 PM..
Reply With Quote