open.mp forum
[Plugin] MySQL for open.mp - Printable Version

+ open.mp forum (https://forum.open.mp)
-- Forum: SA-MP (https://forum.open.mp/forumdisplay.php?fid=3)
--- Forum: Releases (https://forum.open.mp/forumdisplay.php?fid=13)
---- Forum: Plugins (https://forum.open.mp/forumdisplay.php?fid=32)
---- Thread: [Plugin] MySQL for open.mp (/showthread.php?tid=4274)

MySQL for open.mp - Xyranaut - 2026-06-01

omp-MySQL
A modern, secure MySQL database component for open.mp — clean-room, with an industry-standard API.

Repo: github.com/Mac-Andreas/omp-MySQL
Download (v1.0.0): Releases
Docs / wiki: Wiki


What is it?
A native open.mp component (drops into components/, not a legacy plugin) that lets your Pawn gamemode talk to MySQL — safely. It's inspired by the classic SA-MP-MySQL but rebuilt from scratch for modern MySQL and the open.mp Component SDK.

Why another MySQL plugin?
SA-MP-MySQL (BlueG / maddinat0r) was excellent — for its time. That time was the MySQL 5.x / SA-MP era, and it's been discontinued since ~2019. Modern MySQL changed a lot (default caching_sha2_password auth, mandatory-friendly TLS, utf8mb4), open.mp moved to a modern Component SDK, and security expectations rose. omp-MySQL is a clean-room project built for today's MySQL and open.mp: TLS is on by default, passwords are hashed for you, and player input is injection-safe by construction.

omp-MySQL vs SA-MP-MySQL (BlueG)
SA-MP-MySQL (BlueG)omp-MySQL
Plugs intoSA-MP plugin ABInative open.mp Component SDK
MySQL era5.x / MariaDBmodern 8.x / 9.x (also runs on 5.7)
Encryptionoptional, often offmandatory TLS, fail-closed (1.3/1.2)
Password hashingnone built inArgon2id (mysql_hash / mysql_verify)
Injection safetyescape helpersprepared statements + %e + multi-stmt off
API namingSA-MP-MySQL specificindustry-standard (JDBC/DB-API style)
Secretsusually in source${ENV} expansion + optional obfuscation
Extrascache, ORMcache, models, VECTOR search, compression
Statusdiscontinued (~2019)active, v1.0.0

Highlights
  • Mandatory TLS, fail-closed — TLS 1.3 (MySQL 8.0+) / TLS 1.2 (5.7); refuses to connect unencrypted. No plaintext path.
  • Prepared statements — bound parameters, injection-safe (plus %e escaping; multi-statements off by default).
  • Argon2id password hashing built in.
  • Fully async — one worker thread per connection; the main tick never blocks.
  • Self-contained — MariaDB Connector/C statically linked, OpenSSL bundled. No separate client install.
  • Result cache, active-record models, MySQL 9 VECTOR similarity search, ${ENV} secrets, opt-in rate/length guards.

Tested
  • Live MySQL: 5.7.44, 8.0.46, 8.4.9 LTS, 9.2.0 — TLS + queries + prepared statements + caching_sha2 all pass. VECTOR verified on 9.x (it's 9.0+ only).
  • Memory: clean under AddressSanitizer + UBSan; static leak/UAF/thread audit.
  • Pentested: SQL injection (login box, registration, command args), auth bypass (rejoin / slot reuse), persistent-login enforcement, privilege bootstrap. Details in the wiki's Security page.

Quick example
Code:
#include <open.mp>
#include <omp-mysql>

new MySQL:g_DB;

public OnGameModeInit()
{
    new MySQLConfig:cfg = mysql_config_create();
    mysql_config_set(cfg, SSL_MODE, SSL_MODE_REQUIRED);  // TLS on
    g_DB = mysql_connect("127.0.0.1", "user", "${OMP_DB_PASS}", "mydb", cfg);
    if (g_DB == MYSQL_INVALID_HANDLE) print("MySQL connection failed.");
    return 1;
}

Install
  1. Windows: unzip the windows package — omp-mysql.dll into components/, and the bundled libssl-3.dll / libcrypto-3.dll next to omp-server.exe.
  2. Linux: omp-mysql.so into components/.
  3. Put omp-mysql.inc in qawno/include/ and #include <omp-mysql>.
A full login/register admin demo (mysql-admin) ships in the release.

Migrating from SA-MP-MySQL
Same concepts (connect → query → callback → read rows); modern/standard names. Most-used mappings:
SA-MP-MySQLomp-MySQL
mysql_tquerymysql_execute
mysql_pquerymysql_execute_for
mysql_querymysql_execute_sync
cache_get_value_name_intmysql_rs_get_int_by
cache_num_rowsmysql_rs_row_count
cache_insert_idmysql_rs_insert_id
mysql_get_ssl_ciphermysql_get_tls_cipher
(none)mysql_prepare / mysql_stmt_set_*
(none)mysql_hash / mysql_verify
orm_*mysql_model_*
Two convention changes: prepared-statement params are 1-based, and result values use the mysql_rs_* family. Full guide: Migration.

Docs
The wiki is a full book — from "what is a database?" (with diagrams) through installing MySQL, SQL basics, prepared statements, async patterns, the mysql-admin demo, building from source, and security. There's a one-page cheat sheet too.

Notes
  • Minimum MySQL 5.7 (first with default TLS). Recommended 8.4 LTS.
  • 32-bit (i386) — the open.mp server arch.
  • MIT licensed (links the LGPL-2.1 MariaDB Connector/C). No code reused from SA-MP-MySQL.

Feedback, bug reports, and PRs welcome — issues.

omp-MySQL is an independent community project — not affiliated with or endorsed by open.mp or Oracle. "MySQL" is a trademark of Oracle; "open.mp" and "SA-MP" of their respective authors; used here only to describe compatibility.