SQL UCP - Printable Version
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Server (https://sampforum.blast.hk/forumdisplay.php?fid=6)
+--- Forum: Server Support (https://sampforum.blast.hk/forumdisplay.php?fid=19)
+--- Thread: SQL UCP (/showthread.php?tid=475360)
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Server (https://sampforum.blast.hk/forumdisplay.php?fid=6)
+--- Forum: Server Support (https://sampforum.blast.hk/forumdisplay.php?fid=19)
+--- Thread: SQL UCP (/showthread.php?tid=475360)
SQL UCP - FShiwani - 12.11.2013
Hello,
I am using a UCP on my VPS along with the working SA:MP server and a SQL database. The SA:MP server is working fine and can easily use the SQL database set up for it. Problem is that when the UCP tries to access the database, it can connect to it however no matter what I enter as Character Username and Password, even if they are correct, it will give me an error saying my details are invalid which I know are not as I checked in SQL database and noticed that they are the exact same. PHP file is fine as I used it before aswell, could it be a permissions issue?
VPS 1GB
Centos 6 64bit
Re: SQL UCP - Riddy - 12.11.2013
Ignore <- Misread..
But, look at Shcurman
Re: SQL UCP - SchurmanCQC - 12.11.2013
If you're using strcmp in PHP to check passwords, make sure the cAsE of the passwords are correct.
Whirlpool example:
73EFAFBCDC33B4ED05D233E0EBED165CEFF427316211795AEB 46980271FB9811408EA1A3A1D8D506E744D80BFB3A7099EAEB 8C22F89191DA3579A2BCBB38F5CE
is NOT the same as
73efafbcdc33b4ed05d233e0ebed165ceff427316211795aeb 46980271fb9811408ea1a3a1d8d506e744d80bfb3a7099eaeb 8c22f89191da3579a2bcbb38f5ce
and strcmp would not return 0 when these two strings are compared.
Try using strtoupper($str) on the conflicting lowercase string if this is what is going wrong.
Re: SQL UCP - FShiwani - 12.11.2013
Quote:
|
Originally Posted by SchurmanCQC
 If you're using strcmp in PHP to check passwords, make sure the cAsE of the passwords are correct.
Whirlpool example: 73EFAFBCDC33B4ED05D233E0EBED165CEFF427316211795AEB 46980271FB9811408EA1A3A1D8D506E744D80BFB3A7099EAEB 8C22F89191DA3579A2BCBB38F5CE is NOT the same as 73efafbcdc33b4ed05d233e0ebed165ceff427316211795aeb 46980271fb9811408ea1a3a1d8d506e744d80bfb3a7099eaeb 8c22f89191da3579a2bcbb38f5ce and strcmp would not return 0 when these two strings are compared. Try using strtoupper($str) on the conflicting lowercase string if this is what is going wrong. |
Re: SQL UCP - Riddy - 12.11.2013
Quote:
|
Originally Posted by FShiwani
That's not the issue. I am using the account details that I used to register on the server with on the UCP.
|
Re: SQL UCP - SchurmanCQC - 12.11.2013
What I would usually do in this situation is debug my code.
First, find out exactly WHERE the script is returning "incorrect details".
If the script is failing during a password comparison,
Echo the two passwords being compared and make sure they are the same, ie. one is not cut off.
If the script is failing during an SQL query,
Add an error echo to find out the problem with the query.
example:
PHP код:
...
if (!$SQLResult) {
echo("Error Message: ". $MySQLi->error);
}
Re: SQL UCP - FShiwani - 12.11.2013
Quote:
|
Originally Posted by Riddy
Are you able to provide the code for the logging in part?
|
Код:
else//check login part
{
//checking wrong attempts today
$query = "SELECT * FROM `attempts` WHERE `IP`='".GetIP()."' AND `Date`='".date('l \t\h\e jS')."'";
$result = mysql_query($query);
if(mysql_num_rows($result) > 29)
{
echo 'You have excited the limit of wrong attempts!<br>Try to login again tomorrow! <meta HTTP-EQUIV="REFRESH" content="2; url=index.php">';
exit;
}
$query = "SELECT * FROM `players` WHERE `Name`= '".$_SESSION['Character']."' AND `Key`= '".$_SESSION['Key']."'";
$result = mysql_query($query);
if(mysql_num_rows($result) == 0)
{
$query = "INSERT INTO `attempts` (`IP`,`Date`) VALUES ('".GetIP()."','".date('l \t\h\e jS')."')";
$result = mysql_query($query);
$query = "SELECT * FROM `attempts` WHERE `IP`='".GetIP()."' AND `Date`='".date('l \t\h\e jS')."'";
$result = mysql_query($query);
$wa = mysql_num_rows($result);
unset ($_SESSION['Key'],$_SESSION['Character']);
echo 'Username and password do not match!<br>Make sure that you wrote your character'."'".'s IG name with "_".<br>Wrong attempts today:'.$wa.'/30. When you reach 30, you will be banned from logging in again today!<meta HTTP-EQUIV="REFRESH" content="3; url=index.php">';
}
Error =
Код:
Username and password do not match! Make sure that you wrote your character's IG name with "_". Wrong attempts today:2/30(Changes). When you reach 30, you will be banned from logging in again today!
Re: SQL UCP - SchurmanCQC - 12.11.2013
PHP код:
else //check login part
{
//checking wrong attempts today
$query = "SELECT * FROM `attempts` WHERE `IP`='".GetIP()."' AND `Date`='".date('l \t\h\e jS')."'";
$result = mysql_query($query);
if(mysql_num_rows($result) > 29)
{
echo 'You have excited the limit of wrong attempts!<br>Try to login again tomorrow! <meta HTTP-EQUIV="REFRESH" content="2; url=index.php">';
exit;
}
$query = "SELECT * FROM `players` WHERE `Name`= '".$_SESSION['Character']."' AND `Key`= '".$_SESSION['Key']."'";
$result = mysql_query($query);
if(mysql_num_rows($result) == 0)
{
$query = "INSERT INTO `attempts` (`IP`,`Date`) VALUES ('".GetIP()."','".date('l \t\h\e jS')."')";
$result = mysql_query($query);
$query = "SELECT * FROM `attempts` WHERE `IP`='".GetIP()."' AND `Date`='".date('l \t\h\e jS')."'";
$result = mysql_query($query);
$wa = mysql_num_rows($result);
unset ($_SESSION['Key'],$_SESSION['Character']);
echo 'Username and password do not match!<br>Make sure that you wrote your character'."'".'s IG name with "_".<br>Wrong attempts today:'.$wa.'/30. When you reach 30, you will be banned from logging in again today!<meta HTTP-EQUIV="REFRESH" content="3; url=index.php">';
}
On line 11: I hope you are escaping the vars stored in $_SESSION, or else you are vulnerable to SQL injection.
Please tell me what the value of $_SESSION[Key], and "Key" in the database is.
Re: SQL UCP - FShiwani - 14.11.2013
Bump