SA-MP Forums Archive
Any password works upon login - Printable Version


Any password works upon login - AphexCCFC - 06.04.2014

I create a password when registering, but I can log in with any password. Please help :/

pawn Code:
public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[])
{
    if(dialogid == DIALOG_REGISTER)
    {
        if(!response)
        {
            return SendClientMessage(playerid, -1, "SERVER: You have left the server."), Kick(playerid);
        }

        if(isnull(inputtext)) {
            return ShowPlayerDialog(playerid, DIALOG_REGISTER, DIALOG_STYLE_PASSWORD, "{1564F5}Register", "Type in a password below to register an account.", "Okay", "Cancel");
        }

        if(strlen(inputtext) >= MAX_PASS_LENGTH) {
            return SendClientMessage(playerid, -1, "SERVER: Password must not be more than 40 characters"), ShowPlayerDialog(playerid, DIALOG_REGISTER, DIALOG_STYLE_PASSWORD, "{1564F5}Register", "Type in a password below to register an account.", "Okay", "Cancel");
        }

        new
            Salt[30],
            hash[129];

        randomString(Salt, 30);
        format(hash, sizeof(hash), "%s%s", Salt, inputtext);

        WP_Hash(hash, sizeof(hash), hash);
        CreateAccount(playerid, Salt, hash);

        format(hash, sizeof(hash), "SERVER: Welcome %s", returnNameEx(playerid));
        SendClientMessage(playerid, -1, hash);

        g_PlayerInfo[playerid][pSkin] = NEWB_SKIN;

        ToggleMainMenu(playerid, 0);
        SetCameraBehindPlayer(playerid);
        SetPlayerPos(playerid, posArr{g_newbSpawn});
        SetPlayerFacingAngle(playerid, g_newbSpawn[3]);
        SetPlayerSkin(playerid, NEWB_SKIN);
        return 1;
    }
    if(dialogid == DIALOG_LOGIN)
    {
        if(!response || !strlen(inputtext)) {
            return ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD, "{1564F5}Login", "Type in your password below to log in.", "Okay", "Cancel");
        }

        new
            hashedinput[129];

        format(hashedinput, sizeof(hashedinput), "%s%s", g_PlayerInfo[playerid][pSalt], inputtext);
        WP_Hash(hashedinput, 129, hashedinput);

        if(strcmp(hashedinput, g_PlayerInfo[playerid][pPass])) {
            g_LogTries[playerid]++;

            if(g_LogTries[playerid] == MAX_LOG_TRIES) {
                return SendClientMessage(playerid, -1, "SERVER: Too many login attempts."), Kick(playerid);
            }

            SendClientMessage(playerid, -1, "SERVER: Invalid password!"),
            ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD, "{1564F5}Login", "Type in your password below to log in.", "Okay", "Cancel");
        }
        else {
            LoadAccount(playerid);
        }
        return 1;
    }
    return 1;
}



Re: Any password works upon login - Sascha - 06.04.2014

pawn Code:
if(!strcmp(hashedinput, g_PlayerInfo[playerid][pPass])) {
    LoadAccount(playerid);
}
else
{
    g_LogTries[playerid]++;
    if(g_LogTries[playerid] == MAX_LOG_TRIES) {
        return SendClientMessage(playerid, -1, "SERVER: Too many login attempts."), Kick(playerid);
    }
    SendClientMessage(playerid, -1, "SERVER: Invalid password!"),
    ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD, "{1564F5}Login", "Type in your password below to log in.", "Okay", "Cancel");
}
instead of your
pawn Code:
if(strcmp(hashedinput, g_PlayerInfo[playerid][pPass])) {
            g_LogTries[playerid]++;

            if(g_LogTries[playerid] == MAX_LOG_TRIES) {
                return SendClientMessage(playerid, -1, "SERVER: Too many login attempts."), Kick(playerid);
            }

            SendClientMessage(playerid, -1, "SERVER: Invalid password!"),
            ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD, "{1564F5}Login", "Type in your password below to log in.", "Okay", "Cancel");
        }
        else {
            LoadAccount(playerid);
        }



Re: Any password works upon login - AphexCCFC - 06.04.2014

Nope it's exactly the same.. Just logs me in whatever password I try. I wonder if the PlayerInfo[playerid][pPass] is the problem? Don't think the password saves into it.


Re: Any password works upon login - AphexCCFC - 06.04.2014

http://pastebin.com/bn1qEQ5A


Re: Any password works upon login - AphexCCFC - 06.04.2014

Anyone? :/


Re: Any password works upon login - awsomedude - 06.04.2014

Try this:
Code:
if(dialogid == DIALOG_LOGIN)
{
	if(!response || !strlen(inputtext)) {
		return ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD, "{1564F5}Login", "Type in your password below to log in.", "Okay", "Cancel");
	}

	new
		hashedinput[129];

	format(hashedinput, sizeof(hashedinput), "%s%s", g_PlayerInfo[playerid][pSalt], inputtext);
	WP_Hash(hashedinput, 129, hashedinput);

	if(!strcmp(hashedinput, g_PlayerInfo[playerid][pPass], false)) {
		LoadAccount(playerid);
	}
	else {
		g_LogTries[playerid]++;

		if(g_LogTries[playerid] == MAX_LOG_TRIES) {
			return SendClientMessage(playerid, -1, "SERVER: Too many login attempts."), Kick(playerid);
		}

		SendClientMessage(playerid, -1, "SERVER: Invalid password!"),
		ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD, "{1564F5}Login", "Type in your password below to log in.", "Okay", "Cancel");
	}
	return 1;
}



Re: Any password works upon login - Basssiiie - 06.04.2014

Well, try to check if the password is actually saved into PlayerInfo[playerid][pPass]. It's called 'debugging'.


Re: Any password works upon login - AphexCCFC - 06.04.2014

Hmm nope, now it just says 'Invalid password' even for the correct one.


Re: Any password works upon login - AphexCCFC - 06.04.2014

Tried that Bass, it's blank. Don't understand how to save the password into there and recall it if the password in the database gets hashed and salted.


Re: Any password works upon login - Basssiiie - 06.04.2014

I guess you have to retrieve the password from the database in order to compare it.

Edit: Quick look through your Pastebin... Are you actually saving the salt and hashed password in the database?
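
Added example (not part of the original thread): SA-MP's strcmp returns 0 when either argument is an empty string, so a blank g_PlayerInfo[playerid][pPass] "matches" every hashed input. The helper below fails closed in that case. IsPasswordValid and HASH_HEX_LEN are hypothetical names, and it assumes pSalt and pPass are filled from the database before the login dialog is shown.

```pawn
// Added example, not code from the thread. Assumes the thread's
// g_PlayerInfo[playerid][pSalt] and [pPass] fields and the WP_Hash native.

#define HASH_HEX_LEN 128 // Whirlpool digest as hex: 128 characters

// Returns true only when a well-formed stored hash exists and equals the
// salted hash of the typed password; every other case is a failed login.
stock bool:IsPasswordValid(playerid, const inputtext[])
{
    // strcmp returns 0 if either string is empty, so an unloaded (blank)
    // pPass would pass the comparison for any input. Reject it up front.
    if(strlen(g_PlayerInfo[playerid][pPass]) != HASH_HEX_LEN) {
        printf("[auth] player %d: stored hash missing or malformed, login refused", playerid);
        return false;
    }

    // A missing salt or empty input is also treated as a failure.
    if(!strlen(g_PlayerInfo[playerid][pSalt]) || !strlen(inputtext)) {
        return false;
    }

    new
        salted[160],                    // salt (up to 29 chars) + dialog input
        hashedinput[HASH_HEX_LEN + 1];

    format(salted, sizeof(salted), "%s%s", g_PlayerInfo[playerid][pSalt], inputtext);
    WP_Hash(hashedinput, sizeof(hashedinput), salted);

    // Both strings are now non-empty and the same length, so a result of 0
    // really does mean "equal". Compare case-sensitively.
    return strcmp(hashedinput, g_PlayerInfo[playerid][pPass], false) == 0;
}
```

In the DIALOG_LOGIN branch, call LoadAccount(playerid) only when IsPasswordValid(playerid, inputtext) returns true, and run the g_LogTries path otherwise.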