Could Someone Help me on this script

[kelvz002]

I wonder how to send items to all players using php,

 Spoiler

<?php
$serverName = "BOKNOY-PC\SQLEXPRESS";
$UID = "sa";
$PASS ="123456";
$connectionInfo = array("Database" => "RohanGame", "UID" => $UID, "PWD" => $PASS);
$conn = sqlsrv_connect($serverName, $connectionInfo);
$sql="GO
DECLARE @a Integer = 491891;
DECLARE @i Integer;
SELECT @i = COUNT(id) FROM [RohanGame].dbo.TCharacter
SET @i = @i + 491891
WHILE (@a < @i)
BEGIN
INSERT INTO [RohanGame].dbo.TEventItem(type,attr,stack,rank,date,char_id) VALUES ('$_POST[type]', 0, '$_POST[stack]', 1, '02-05-1995', @a)
SET @a = @a + 1
END";

$stmt = sqlsrv_query($conn, $sql);
echo "The item has been inserted to all character.";


?>

This Script is successfully inserted items on some players, but to the players like newly registered or registered before insertion don't get items.

if someone could help me please..
(sorry for bad english) xD

[asmodeus812]

You can do that much easier with plain PHP. You can use procedures as well. But
i will give you a php example

If you want to send items to event inventory for all chars on the server.

$sql = select * from dbo.TCharacter
$stmt = sqlsrv_query( $conn, $sql);

Or only for online chars

$sql = "select * from dbo.TCharacterLogin where login = 1";
$stmt = sqlsrv_query( $conn, $sql);

then loop thru every char_id and insert it in event inventory .
You can use standart While. Fetch the rows while the statement is true
then you can execute the statement below

$sql2 =insert into RohanGame.dbo.TEventItem(type,attr,stack,rank,equi p_level,equip_strength,equip_dexterity,equip_intel ligence,char_id,date) values......

I believe you can get the point. Thats not detailed by any means. Its up to you to structure the script

And please if you decide to use php
Consider this basic security measures
1.Prepared Statements -> SQL Injection
2.Strip HTML Special Chars -> Cross Site Scripting

[kelvz002]

Quote:

Originally Posted by asmodeus812

You can do that much easier with plain PHP. You can use procedures as well. But
i will give you a php example

If you want to send items to event inventory for all chars on the server.

$sql = select * from dbo.TCharacter
$stmt = sqlsrv_query( $conn, $sql);

Or only for online chars

$sql = "select * from dbo.TCharacterLogin where login = 1";
$stmt = sqlsrv_query( $conn, $sql);

then loop thru every char_id and insert it in event inventory .
You can use standart While. Fetch the rows while the statement is true
then you can execute the statement below

$sql2 =insert into RohanGame.dbo.TEventItem(type,attr,stack,rank,equi p_level,equip_strength,equip_dexterity,equip_intel ligence,char_id,date) values......

I believe you can get the point. Thats not detailed by any means. Its up to you to structure the script

And please if you decide to use php
Consider this basic security measures
1.Prepared Statements -> SQL Injection
2.Strip HTML Special Chars -> Cross Site Scripting

Thanks asmodeus this one would be helpful

Thanks asmodeus My php is now working perfectly Godspeed!