<function name="Query" parent="sql" type="libraryfunc"> <description>Performs a query on the local SQLite database, returns a table as result set, nil if result is empty and false on error.</description>⤶ <description>⤶ Performs a query on the local SQLite database, returns a table as result set, nil if result is empty and false on error.⤶ <warning>⤶ To run SQL queries with this function safely, it is crucial to ensure that the concatenated variables in the query string are safe to avoid vulnerabilities like SQL injections. For this, it is recommended to use the <page>sql.SQLStr</page>, which allows arguments to be escaped correctly. ⤶ </warning>⤶ </description>⤶ <realm>Shared and Menu</realm> <args> <arg name="query" type="string">The query to execute.</arg> </args> <rets> <ret name="" type="table">false is returned if there is an error, nil if the query returned no data.</ret> </rets> </function> <example> <description>Functions that are examples of saving and creating information into the database.</description> <code> function CreateTable() sql.Query( "CREATE TABLE IF NOT EXISTS player_data ( SteamID TEXT, Money INTEGER )" ) end function SavePlayerToDataBase( ply, Money ) local data = sql.Query( "SELECT * FROM player_data WHERE SteamID = " .. sql.SQLStr( ply:SteamID() ) .. ";") if ( data ) then sql.Query( "UPDATE player_data SET Money = " .. Money .. " WHERE SteamID = " .. sql.SQLStr( ply:SteamID() ) .. ";" ) else sql.Query( "INSERT INTO player_data ( SteamID, Money ) VALUES( " .. sql.SQLStr( ply:SteamID() ) .. ", " .. Money .. " )" ) end end function LoadPlayerFromDataBase( ply ) local val = sql.QueryValue( "SELECT Money FROM player_data WHERE SteamID = " .. sql.SQLStr( ply:SteamID() ) .. ";" ) return val end </code> </example>