stock udb_hash(buf[]) { new length=strlen(buf); new s1 = 1; new s2 = 0; new n; for (n=0; n<length; n++) { s1 = (s1 + buf[n]) % 65521; s2 = (s2 + s1) % 65521; } return (s2 << 16) + s1; }
stock SaveAccount(playerid) { new INI:File = INI_Open(UserPath(playerid)); INI_SetTag(File, "Account data"); INI_WriteInt(File, "Banned", PlayerInfo[playerid][pBanned]); INI_WriteInt(File, "PermBand", PlayerInfo[playerid][pPermBand]); INI_WriteInt(File, "BanReason", PlayerInfo[playerid][pBanReason]); INI_WriteInt(File, "PrisonReason", PlayerInfo[playerid][pPrisonReason]); INI_WriteInt(File, "AdminJailed", PlayerInfo[playerid][pAdminJailed]); INI_WriteInt(File, "PrisonedBy",PlayerInfo[playerid][pPrisonedBy]); INI_WriteInt(File, "Donor",PlayerInfo[playerid][pDonor]); INI_WriteInt(File, "XP", PlayerInfo[playerid][pExp]); INI_WriteInt(File, "Cash", GetPlayerMoney(playerid)); INI_WriteInt(File, "Kills", PlayerInfo[playerid][pKills]); INI_WriteInt(File, "Deaths", PlayerInfo[playerid][pDeaths]); INI_WriteInt(File, "Tikis", PlayerInfo[playerid][pTikis]); INI_Close(File); return 1; }
forward loadUserData(playerid,name[],value[]); public loadUserData(playerid,name[],value[]) { INI_Int("Key", PlayerInfo[playerid][pKey]); INI_Int("Banned", PlayerInfo[playerid][pBanned]); INI_Int("PermBand", PlayerInfo[playerid][pPermBand]); INI_Int("BanReason", PlayerInfo[playerid][pBanReason]); INI_Int("PrisonReason", PlayerInfo[playerid][pPrisonReason]); INI_Int("AdminJailed", PlayerInfo[playerid][pAdminJailed]); INI_Int("PrisonedBy", PlayerInfo[playerid][pPrisonedBy]); INI_Int("Donor", PlayerInfo[playerid][pDonor]); INI_Int("XP", PlayerInfo[playerid][pExp]); INI_Int("Cash", PlayerInfo[playerid][pCash]); INI_Int("Kills", PlayerInfo[playerid][pKills]); INI_Int("Deaths", PlayerInfo[playerid][pDeaths]); INI_Int("Tikis", PlayerInfo[playerid][pTikis]); return 1; }
stock UserPath(playerid) { new string[128],playername[MAX_PLAYER_NAME]; GetPlayerName(playerid,playername,sizeof(playername)); format(string,sizeof(string),PATH,playername); return string; } stock CheckAccount(playerid) { if(fexist(UserPath(playerid))) { INI_ParseFile(UserPath(playerid), "LoadUser_%s", .bExtra = true, .extra = playerid); ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD,"{00FF00}Logging-in","{FFFFFF}Account status:{00FF00} REGISTERED\n{FFFFFF}Put your password to login.","Login","Quit"); } else { ShowPlayerDialog(playerid, DIALOG_REGISTER, DIALOG_STYLE_PASSWORD,"{00FF00}Registering","{FFFFFF}Account status:{FF0000}NOT-REGISTERED\n{FFFFFF}Put your desired password to register.","Register","Quit"); } return 1; }
public OnPlayerConnect(playerid) { new string[500]; removeBuildings(playerid); PlayerInfo[playerid][pKey] = 0; PlayerInfo[playerid][pAdmin] = 0; PlayerInfo[playerid][pBanned] = 0; PlayerInfo[playerid][pPermBand] = 0; PlayerInfo[playerid][pBanReason] = 0; PlayerInfo[playerid][pPrisonReason] = 0; PlayerInfo[playerid][pAdminJailed] = 0; PlayerInfo[playerid][pPrisonedBy] = 0; PlayerInfo[playerid][pDonor] = 0; PlayerInfo[playerid][pExp] = 0; PlayerInfo[playerid][pCash] = 0; PlayerInfo[playerid][pKills] = 0; PlayerInfo[playerid][pDeaths] = 0; PlayerInfo[playerid][pTikis] = 0; format(string, 128, "{00BFFF}%s{FFFFFF} has joined the lobby.", PlayerName(playerid)); SendClientMessageToAll(-1, string); CheckAccount(playerid); return 1; }
public OnPlayerDisconnect(playerid, reason) { new string[512]; SaveAccount(playerid); if(reason == 0) { format(string, 256, "{00BFFF}%s{FFFFFF}has left the server. Reason:{00BFFF}Timeout{FFFFFF}", PlayerName(playerid)); SendClientMessageToAll(-1, string); } else if(reason == 1) { format(string, 256, "{00BFFF}%s{FFFFFF}has left the server. Reason:{00BFFF}Quit{FFFFFF}", PlayerName(playerid)); SendClientMessageToAll(-1, string); } else if(reason == 2) { format(string, 256, "{00BFFF}%s{FFFFFF}has left the server. Reason:{00BFFF}Kicked/Banned{FFFFFF}", PlayerName(playerid)); SendClientMessageToAll(-1, string); } PlayerInfo[playerid][pKey] = 0; PlayerInfo[playerid][pAdmin] = 0; PlayerInfo[playerid][pBanned] = 0; PlayerInfo[playerid][pPermBand] = 0; PlayerInfo[playerid][pBanReason] = 0; PlayerInfo[playerid][pPrisonReason] = 0; PlayerInfo[playerid][pAdminJailed] = 0; PlayerInfo[playerid][pPrisonedBy] = 0; PlayerInfo[playerid][pDonor] = 0; PlayerInfo[playerid][pExp] = 0; PlayerInfo[playerid][pCash] = 0; PlayerInfo[playerid][pKills] = 0; PlayerInfo[playerid][pDeaths] = 0; PlayerInfo[playerid][pTikis] = 0; return 1; }
public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[]) { switch( dialogid ) { case DIALOG_REGISTER: { if (!response) return PKick(playerid); if(response) { if(!strlen(inputtext)) return ShowPlayerDialog(playerid, DIALOG_REGISTER, DIALOG_STYLE_INPUT, "{FFFFFF}Registering...","{FF0000}You have entered an invalid password.\n{FFFFFF}Type your password below to register a new account.","Register","Quit"); new INI:File = INI_Open(UserPath(playerid)); INI_SetTag(File,"data"); INI_WriteInt(File,"Key",udb_hash(inputtext)); INI_WriteInt(File,"Admin",0); INI_WriteInt(File,"Banned", 0); INI_WriteInt(File,"PermBand",0); INI_WriteInt(File,"BanReason",0); INI_WriteInt(File,"PrisonReason",0); INI_WriteInt(File,"AdminJailed",0); INI_WriteInt(File,"PrisonedBy",0); INI_WriteInt(File,"Donor",0); INI_WriteInt(File,"Exp", 0); INI_WriteInt(File,"Cash", 0); INI_WriteInt(File,"Account",0); INI_WriteInt(File,"Kills",0); INI_WriteInt(File,"Deaths", 0); INI_WriteInt(File,"Model", 0); INI_WriteInt(File,"Clothes", 0); INI_WriteInt(File,"Tikis", 0); INI_Close(File); } } case DIALOG_LOGIN: { if (!response) return Kick (playerid); if(response) { if(udb_hash(inputtext) == PlayerInfo[playerid][pKey]) { INI_ParseFile(UserPath(playerid), "LoadUser_%s", .bExtra = true, .extra = playerid); GivePlayerMoney(playerid, PlayerInfo[playerid][pCash]); SetPlayerScore(playerid, PlayerInfo[playerid][pExp]); } } else { SendClientMessage(playerid, -1, "{FF0000}Your password is incorrect. Please, talk to an administrator regarding this."); PKick(playerid); } return 1; } } return 1; }
udb_hash is, despite it's unluckily chosen name, NOT A HASHING ALGORITHM. You might as well be storing passwords in plaintext, that's how insecure it is.
|
** YSI Error: INI_Open couldn't find or create /Users/Kevin.ini **
#define PATH "/Users/%s.ini"
INI_SetTag(File, "Account data");
INI_SetTag(File, "Account_data");
public OnPlayerConnect(playerid)
{
new string[500];
removeBuildings(playerid);
format(string, 128, "{00BFFF}%s{FFFFFF} has joined the lobby.", PlayerName(playerid));
SendClientMessageToAll(-1, string);
CheckAccount(playerid);
return 1;
}
stock CheckAccount(playerid)
{
if(fexist(UserPath(playerid)))
{
INI_ParseFile(UserPath(playerid), "loadUserData", .bExtra = true, .extra = playerid);
ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD,"{00FF00}Logging-in","{FFFFFF}Account status:{00FF00} REGISTERED\n{FFFFFF}Put your password to login.","Login","Quit");
}
else
{
ShowPlayerDialog(playerid, DIALOG_REGISTER, DIALOG_STYLE_PASSWORD,"{00FF00}Registering","{FFFFFF}Account status:{FF0000}NOT-REGISTERED\n{FFFFFF}Put your desired password to register.","Register","Quit");
}
return 1;
}
public OnPlayerDisconnect(playerid, reason)
{
new string[512];
SaveAccount(playerid);
if(reason == 0)
{
format(string, 256, "{00BFFF}%s{FFFFFF}has left the server. Reason:{00BFFF}Timeout{FFFFFF}", PlayerName(playerid));
SendClientMessageToAll(-1, string);
}
else if(reason == 1)
{
format(string, 256, "{00BFFF}%s{FFFFFF}has left the server. Reason:{00BFFF}Quit{FFFFFF}", PlayerName(playerid));
SendClientMessageToAll(-1, string);
}
else if(reason == 2)
{
format(string, 256, "{00BFFF}%s{FFFFFF}has left the server. Reason:{00BFFF}Kicked/Banned{FFFFFF}", PlayerName(playerid));
SendClientMessageToAll(-1, string);
}
PlayerInfo[playerid][pCash] = GetPlayerMoney(playerid);
new INI:File = INI_Open(UserPath(playerid));
INI_WriteInt("Key", PlayerInfo[playerid][pKey]);
INI_WriteInt("Banned", PlayerInfo[playerid][pBanned]);
INI_WriteInt("PermBand", PlayerInfo[playerid][pPermBand]);
INI_WriteInt("BanReason", PlayerInfo[playerid][pBanReason]);
INI_WriteInt("PrisonReason", PlayerInfo[playerid][pPrisonReason]);
INI_WriteInt("AdminJailed", PlayerInfo[playerid][pAdminJailed]);
INI_WriteInt("PrisonedBy", PlayerInfo[playerid][pPrisonedBy]);
INI_WriteInt("Donor", PlayerInfo[playerid][pDonor]);
INI_WriteInt("XP", PlayerInfo[playerid][pExp]);
INI_WriteInt("Cash", PlayerInfo[playerid][pCash]);
INI_WriteInt("Kills", PlayerInfo[playerid][pKills]);
INI_WriteInt("Deaths", PlayerInfo[playerid][pDeaths]);
INI_WriteInt("Tikis", PlayerInfo[playerid][pTikis]);
return 1;
}
native WP_Hash(buffer[], len, const str[]);
WP_Hash(PlayerInfo[playerid][Key], 129, inputtext); // hashing it!
new INI:file = INI_Open(UserPath(playerid)); //opening the file
.....
INI_WriteString(file, "Key", PlayerInfo[playerid][Key]); //write the hashed string
.....
INI_Close(file); // close the file.
..... // these naughty kids (dots) means etc stuff
new hashpass[129]; // new string variable!
WP_Hash(hashpass, sizeof(hashpass), inputtext); //hashing the inputted text
if(!strcmp(hashpass, PlayerInfo[playerid][Password])) // if the password matches
{
............... // bla bla bla your login system stuff
}
else
{
..............// bla bla if the password is wrong
}