Registered users can connect using any password

Registered users can connect using any password - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: Registered users can connect using any password (/showthread.php?tid=406072)

Registered users can connect using any password - EAsT-OAK_510 - 08.01.2013

I know this should be asked in the zGaming script section, it's been asked multiple times and not been answered.

So basically what's wrong with this is that anyone who connects to the server with a registered account they can enter anything as a password and it will let them connect.

pawn Код:

if(dialogid == 1) // Register
    {
        if(response)
        {
            if(strlen(inputtext) < 6)
            {
             SendClientMessage(playerid, COLOR_GREY, "Password can't be shorter than 6 characters.");
             ShowDialog(playerid, 1);
             return 1;
            }
            new file[64], IP[16], string[128], password[256];
            format(file, sizeof(file), "users/%s.ini", RPNU(playerid));
            if(!dini_Exists(file))
            {
                GetPlayerIp(playerid, IP, sizeof(IP));
                dini_Create(file);
                WP_Hash(password, sizeof(password), inputtext);
                dini_Set(file, "Password", password);
                dini_Set(file, "IP", IP);
                PlayerInfo[playerid][pLevel] = 1;
                dini_IntSet(file, "Level", PlayerInfo[playerid][pLevel]);
                format(string, sizeof(string), "SERVER: You have successfully registered on Duality Role Play. (Password: %s)", inputtext);
                SendClientMessage(playerid, COLOR_LIGHTRED, string);
                ShowDialog(playerid, 2);
            }
        }
        else
        {
            SendClientMessage(playerid, COLOR_LIGHTRED, "SERVER: You have chosen to quit the server.");
            Kick(playerid);
        }
    }
    else if(dialogid == 2) // Login
    {
        if(response)
        {
            new file[64], password[256], IP[16], password2[256];
            format(file, sizeof(file), "users/%s.ini", RPNU(playerid));
            WP_Hash(password2, sizeof(password2), inputtext);
            format(password, sizeof(password), "%s", dini_Get(file, "Password"));
            if(strcmp(password, inputtext,true) && strcmp(password, password2, true))
            {
                SendClientMessage(playerid, COLOR_LIGHTRED, "SERVER: Invalid password.");
                ShowDialog(playerid, 2);
                return 1;
            }
            if(dini_Int(file, "AdminAccount") == 1)
            {
                SendClientMessage(playerid, COLOR_LIGHTRED, "SERVER: You can't login directly from an admin account.");
                Kick(playerid);
                return 1;
            }
            else if(sscanf(inputtext, "s[128]", inputtext))
            {
                SendClientMessage(playerid, COLOR_LIGHTRED, "SERVER: You must enter a password to procceed.");
                ShowDialog(playerid, 2);
                return 1;
            }
            else
            {
                SendClientMessage(playerid, COLOR_LIME, "");
                SendClientMessage(playerid, COLOR_LIME, "");
                SendClientMessage(playerid, COLOR_LIME, "");
                SendClientMessage(playerid, COLOR_LIME, "");
                SendClientMessage(playerid, COLOR_LIME, "");
                SendClientMessage(playerid, COLOR_LIME, "");
                SendClientMessage(playerid, COLOR_LIME, "");
                SendClientMessage(playerid, COLOR_LIME, "");
                SendClientMessage(playerid, COLOR_LIME, "");
                SendClientMessage(playerid, COLOR_LIME, "");
                format(PlayerInfo[playerid][pIP], 16, "%s", dini_Get(file, "IP"));
                GetPlayerIp(playerid, IP, sizeof(IP));
                dini_Set(file, "IP", IP);
                PlayerInfo[playerid][pGender] = dini_Int(file, "Gender");
                PlayerInfo[playerid][pAge] = dini_Int(file, "Age");
                if(!PlayerInfo[playerid][pGender] || !PlayerInfo[playerid][pAge])
                {
                    ShowDialog(playerid, 3);
                }
                else
                {
                    LoadChar(playerid);
                    SpawnPlayer(playerid);
                }
            }
        }
        else
        {
            SendClientMessage(playerid, COLOR_LIGHTRED, "SERVER: You have chosen to quit the server.");
            Kick(playerid);
        }
    }

Re: Registered users can connect using any password - Dragonborn - 08.01.2013

Change the line that check the password (strcmp) in the the dialog login part. This :

pawn Код:

if(strcmp(password, inputtext,false) && strcmp(password, password2, false))

I hope that helped

Re: Registered users can connect using any password - EAsT-OAK_510 - 08.01.2013

Still the same

Re: Registered users can connect using any password - 101 - 08.01.2013

No guarrantees as I used dini years ago..

pawn Код:

if(strcmp(password2,dini_Get(file, "Password")))
{
    SendClientMessage(playerid, COLOR_LIGHTRED, "SERVER: Invalid password.");
    ShowDialog(playerid, 2);
    return 1;
}

Re: Registered users can connect using any password - EAsT-OAK_510 - 08.01.2013

Same issue.

Re: Registered users can connect using any password - 101 - 08.01.2013

Have you thought of switching to Y_INI?

Re: Registered users can connect using any password - EAsT-OAK_510 - 09.01.2013

I'm a noob when it comes to converting. If I knew how to I would.

Re: Registered users can connect using any password - Black Wolf - 09.01.2013

Quote:

Originally Posted by EAsT-OAK_510

I'm a noob when it comes to converting. If I knew how to I would.

So you're using a downloaded one's right then download any other which is based on the method of y_ini and if you get any problem with that i ll help you surely.