overextended
Enabling multiple statements for mysql-async compatibility
How to enable multiple statements (aka easy SQL injection)
Seriously, why do people feel the need to do this?
You can enable multiple statements to be executed by adding multipleStatements=true to your connection string.
This allow's SQL injection in resources that use string concatenation, such as esx_kashacter, rather than parameters, allowing clients to easily delete your entire database (see: https://forum.cfx.re/t/database-tables-are-deleted/4764756)
Enabling multi-statements allows resources to execute multiple queries in a single function, rather than splitting it into several; this is a common practice in encrypted resources that check for and create tables every time they start rather than providing users with an sql file to execute themselves (i.e. esx_job_creator).
It's also required when using vRP due to users love of multi-statements to call SELECT LAST_INSERT_ID, despite it already being returned by both query and insert functions.
