How to create a Registration & Login (MySQL) -
iRaiDeN - 27.05.2014
Hello dear users, today I will explain how to build a Registration & Login simplest way, the database, MySQL database basically it, most programmers think it's difficult, but it is very easy, you will learn to do this in the registration system in the most effective and most have shortened.
Construction
The first thing we should set up variables and defines script.
PHP Code:
enum playerEnum {
pName[24],
pPassword[18],
pLevel,
pDeath,
pKills,
pAdminLevel
}
new
pInfo[MAX_PLAYERS][playerEnum] = {-1,...},
dbHandle;
#define DIALOG_REGISTER (1)
#define DIALOG_LOGIN (2)
#define DB_SERVER "127.0.0.1" // put here your ip of the database.
#define DB_USER "root" // the username of the database
#define DB_PASS "" // the pass of the username (root), i do not have a password so i leave this space blank.
#define DB_DB "samp"
enum - create the enum.
pName - Actually this variable is intended to "inject" name player this variable.
pPassword - This variable we inject the player sucked password below.
pLevel - Player level, sucked below.
pDeath - Player death, sucked below.
pKills - Player kills, sucked below.
pAdminLevel - Player admin-level, sucked below.
pInfo - This variable is stored in all the details of the enum.
dbHandle - This variable we shall use (compared to the same database connection).
DIALOGֹֹ_REGISTER - define the id of the dialog register.
DIALOG_LOGIN - define the id of the dialog login
DB_SERVER - define the ip of the database (have explain in in the comment[//])
DB_USER - define the username of the database.
DB_PASS - define the pass of the username(root)
DB_DB - define the name of the database.
PHP Code:
public OnGameModeInit()
{
dbHandle = mysql_connect(DB_SERVER,DB_USER,DB_DB,DB_PASS);
return 1;
}
PHP Code:
dbHandle = mysql_connect(DB_SERVER,DB_USER,DB_DB,DB_PASS);
- Here we compare the variable db Handle, database connection later used.
PHP Code:
public OnPlayerConnect(playerid)
{
GetPlayerName(playerid,pInfo[playerid],24);
static
gQuery[128];
format(gQuery,128,"SELECT * FROM accounts WHERE username='%s'",pInfo[playerid][pName]);
mysql_function_query(dbHandle,gQuery,true,"loadPlayerData","i",playerid);
return 1;
}
PHP Code:
GetPlayerName(playerid,pInfo[playerid],24);
- Here we inject the name of the player variable pName.
PHP Code:
static
gQuery[128];
- Here we create the variable for the format.
PHP Code:
format(gQuery,128,"SELECT * FROM accounts WHERE username='%s'",pInfo[playerid][pName]);
- Here we select all the values that are in the table accounts, where the username is really, really worth to the player.
PHP Code:
mysql_function_query(dbHandle,gQuery,true,"loadPlayerData","i",playerid);
- Here we call Public loadPlayerData, that the Public actually sucked all the details of the player (below), with the parameter playerid, where you see true, it's really "Enable cache" and I will use here with the cache to draw (version R7).
PHP Code:
forward loadPlayerData(playerid);
public loadPlayerData(playerid)
{
cache_get_field_content(0,"password",pInfo[playerid][pPassword],dbHandle,18);
pInfo[playerid][pLevel] = cache_get_field_content_int(0,"level",dbHandle);
pInfo[playerid][pKills] = cache_get_field_content_int(0,"kills",dbHandle);
pInfo[playerid][pDeath] = cache_get_field_content_int(0,"death",dbHandle);
pInfo[playerid][pAdminLevel] = cache_get_field_content_int(0,"adminlevel",dbHandle);
new rows,fields;
cache_get_data(rows,fields,dbHandle);
if(rows != 0)
{
ShowPlayerDialog(playerid,DIALOG_LOGIN,DIALOG_STYLE_PASSWORD,"Login","Please enter your password to login","Login","Logout");
} else {
ShowPlayerDialog(playerid,DIALOG_REGISTER,DIALOG_STYLE_PASSWORD,"Register","Please enter password to register","Reg","Logout");
}
}
PHP Code:
forward loadPlayerData(playerid);
- create the public.
PHP Code:
cache_get_field_content(0,"password",pInfo[playerid][pPassword],dbHandle,18);
- Here we derive the password player.
PHP Code:
pInfo[playerid][pLevel] = cache_get_field_content_int(0,"level",dbHandle);
- Here we derive the number of level of player variable pLevel.
PHP Code:
pInfo[playerid][pKills] = cache_get_field_content_int(0,"kills",dbHandle);
- Here we derive the number of killings of player variable pKills.
PHP Code:
pInfo[playerid][pDeath] = cache_get_field_content_int(0,"death",dbHandle);
- Here we derive the number of deaths of player variable pDeath.
PHP Code:
pInfo[playerid][pAdminLevel] = cache_get_field_content_int(0,"adminlevel",dbHandle);
- Here we derive the number of Admin level of player variable pAdminLevel.
PHP Code:
new rows,fields;
- We create a variables.
PHP Code:
cache_get_data(rows,fields,dbHandle);
- Here we are derive the rows && fields from dbHandle.
- Here we check if the user's player is in a table, then it will show him dialog login, but if its user is found it will show a dialog Register.
PHP Code:
public OnDialogResponse(playerid,dialogid,response,listitem,inputtext[])
{
if(dialogid == DIALOG_REGISTER)
{
if(!response) return Kick(playerid);
if(!strlen(inputtext)) return ShowPlayerDialog(playerid,DIALOG_REGISTER,DIALOG_STYLE_PASSWORD,"Register","Please enter password to register!","Reg","Logout");
static
gQurey[128];
format(gQuery,128,"INSERT INTO accounts(username,password,kills,death,level,adminlevel) VALUES('%s','%s','0','0','1','0')",pInfo[playerid][pName],inputtext);
mysql_function_query(dbHandle,gQuery,false,"","");
SendClientMessage(playerid,-1,"you registerd successuflly!");
SpawnPlayer(playerid);
return 1;
}
if(dialogid == DIALOG_LOGIN)
{
if(!response) return Kick(playerid);
if(!strlen(inputtext)) return ShowPlayerDialog(playerid,DIALOG_LOGIN,DIALOG_STYLE_PASSWORD,"Login","Please enter your password to login!","Login","Logout");
if(!strcmp(inputtext,pInfo[playerid][pPassword],true))
{
SendClientMessage(playerid,-1,"You logged successuflly!");
SpawnPlayer(playerid);
} else {
ShowPlayerDialog(playerid,DIALOG_LOGIN,DIALOG_STYLE_PASSWORD,"Login","Invalid password!","Login","Logout");
}
}
}
PHP Code:
if(dialogid == DIALOG_REGISTER)
- if the dialogid equal to defined DIALOG_REGISTER(1)
PHP Code:
if(!response) return Kick(playerid);
- if the player click on the button un-response he been kicked.
PHP Code:
if(!strlen(inputtext)) return ShowPlayerDialog(playerid,DIALOG_REGISTER,DIALOG_STYLE_PASSWORD,"Register","Please enter password to register!","Reg","Logout");
- If the player left the field blank, it will show him again the dialog.
PHP Code:
static
gQurey[128];
- Here i create a variable.
PHP Code:
format(gQuery,128,"INSERT INTO accounts(username,password,kills,death,level,adminlevel) VALUES('%s','%s','0','0','1','0')",pInfo[playerid][pName],inputtext);
- Here we create a new row to a table, and choose what values we want to shoot, we injected in the name of the player && password remover player (inputtext).
PHP Code:
mysql_function_query(dbHandle,gQuery,false,"","");
- Here we execute the format.
PHP Code:
SendClientMessage(playerid,-1,"you registerd successuflly!");
SpawnPlayer(playerid);
- Here we are send a mesage and spawn the player.
PHP Code:
if(dialogid == DIALOG_LOGIN)
- Here we are check if dialogid equal DIALOG_LOGIN (2)
PHP Code:
if(!response) return Kick(playerid);
- if the player click on the button un-resonse the player been kicked.
PHP Code:
if(!strlen(inputtext)) return ShowPlayerDialog(playerid,DIALOG_LOGIN,DIALOG_STYLE_PASSWORD,"Login","Please enter your password to login!","Login","Logout");
- If it is left blank it will show him again the dialog.
PHP Code:
if(!strcmp(inputtext,pInfo[playerid][pPassword],true))
- If the password is equal to the player tapped his slogan.
PHP Code:
SendClientMessage(playerid,-1,"You logged successuflly!");
SpawnPlayer(playerid);
- Send a message to the player and spawn the player.
PHP Code:
} else {
ShowPlayerDialog(playerid,DIALOG_LOGIN,DIALOG_STYLE_PASSWORD,"Login","Invalid password!","Login","Logout");
If the password is correct it will show him again the dialog.
PHP Code:
public OnPlayerDisconnect(playerid,reason)
{
new rows,fields;
cache_get_data(rows,fields,dbHandle);
if(rows != 0)
{
static
gQuery[128];
format(gQuery,128,"UPDATE accounts SET kills='%d',death='%d',level='%d',adminlevel='%d'",pInfo[playerid][pKills],pInfo[playerid][pDeath],pInfo[playerid][pLevel],pInfo[playerid][pAdminLevel]);
mysql_function_query(dbHandle,gQuery,false,"","");
}
}
PHP Code:
new rows,fields;
- Create a variables.
PHP Code:
cache_get_data(rows,fields,dbHandle);
derive the data of the table (accounts).
- if the player found.
PHP Code:
static
gQuery[128];
format(gQuery,128,"UPDATE accounts SET kills='%d',death='%d',level='%d',adminlevel='%d'",pInfo[playerid][pKills],pInfo[playerid][pDeath],pInfo[playerid][pLevel],pInfo[playerid][pAdminLevel]);
mysql_function_query(dbHandle,gQuery,false,"","");
- Here we are update all the values and save them.
--- Done ---
Hope you understand, any help private message successfully.
Re: How to create a Registration & Login (MySQL) -
Rube - 27.05.2014
Helpful thank you man
Re: How to create a Registration & Login (MySQL) -
Dangjai - 27.05.2014
Good job
Re: How to create a Registration & Login (MySQL) -
Norey - 28.05.2014
Bad, WTF? you're a ''' BBBBIOCH ''
Re: How to create a Registration & Login (MySQL) -
Vince - 28.05.2014
Quote:
Originally Posted by iRaiDeN
(version R7)
|
Quote:
Originally Posted by Y_Less
If you know you're not using the most up-to-date way of doing something WHY POST? Either explain the better way, regardless of whether or not you use it, or just don't post in the first place!
|
https://sampforum.blast.hk/showthread.php?tid=65567
Right.
- You're using an outdated plugin
- You're not using any password hashing at all. HUGE FLAW!
- You're not escaping user input. HUGE FLAW! Vulnerable to SQL injection!
- I wouldn't advise using the *_content functions. You know in what order the fields will be returned. Use the index, it's faster.
Re: How to create a Registration & Login (MySQL) -
iRaiDeN - 28.05.2014
Quote:
Originally Posted by Vince
https://sampforum.blast.hk/showthread.php?tid=65567
Right. - You're using an outdated plugin
- You're not using any password hashing at all. HUGE FLAW!
- You're not escaping user input. HUGE FLAW! Vulnerable to SQL injection!
- I wouldn't advise using the *_content functions. You know in what order the fields will be returned. Use the index, it's faster.
|
Okay sorry, but this tutorial is only to beginners programmers.
For injection, that's not true, it works best as possible.
Re: How to create a Registration & Login (MySQL) -
Calgon - 28.05.2014
nice gang full support
Re: How to create a Registration & Login (MySQL) -
Potassium - 28.05.2014
Quote:
Originally Posted by iRaiDeN
Okay sorry, but this tutorial is only to beginners programmers.
|
Beginners should be taught the correct ways to do things from the start so that they don't have to change their style later
Re: How to create a Registration & Login (MySQL) -
Djole1337 - 28.05.2014
Quote:
pInfo[MAX_PLAYERS][playerEnum] = {-1,...},
|
It should be:
pawn Code:
public OnPlayerConnect(playerid) {
new zeromem[playerEnum];
pInfo[playerid]=zeromem;
return 1;
}
Otherwise your stats will mess-up.
Re: How to create a Registration & Login (MySQL) -
IJzerenRita - 28.05.2014
Hello everybody, please do not ever use this script. It contains bad practices and multiple security flaws. Look elsewhere.
Re: How to create a Registration & Login (MySQL) -
iZN - 28.05.2014
Quote:
Originally Posted by iRaiDeN
For injection, that's not true, it works best as possible.
|
Why don't you accept your faults? Just don't write tutorials or stupid includes related to MySQL if you don't know what you are even trying to do.
Re: How to create a Registration & Login (MySQL) -
iRaiDeN - 30.05.2014
Quote:
Originally Posted by iZN
Why don't you accept your faults? Just don't write tutorials or stupid includes related to MySQL if you don't know what you are even trying to do.
|
Look I worked great, I built this DM mode two weeks ago.
http://sa-mp.co.il/showthread.php?t=80460
http://pastebin.com/JLJJEXQu
Re : How to create a Registration & Login (MySQL) -
S4t3K - 30.05.2014
They don't told you your work is bad, just bad optimized and hugely unsafe.
• No hashing => A bad head admin would get the user passwords and check them on other servers then using user's account
• *_content functions => Works good but slower than the index's function
• No escaping, vulnerable to SQL Injections => They mean a bad user could try to sql inject your database by inputting a special character. I don't know more about those except that either mysql_escape_string or mysql_format with the %e specifier add a \ before special characters like the single quote '. Read more about this in the
MySQL wiki
• Old plugin => Works also, but if more recent versions were released it's for a reason you don't think ?
It's from a good goal but it looks like you don't know enough for trying to teach it to others.
Re: How to create a Registration & Login (MySQL) -
Lacamora - 30.05.2014
Very bad work it's not optimized at all and you are using an oldless plugin
Re: How to create a Registration & Login (MySQL) -
iRaiDeN - 30.05.2014
Quote:
Originally Posted by Lacamora
Very bad work it's not optimized at all and you are using an oldless plugin
|
Suddenly this newest version.
Re: How to create a Registration & Login (MySQL) -
iCurse - 03.06.2014
Really Helpful!
Thank you men!
I appreciate this!