Mysql command crash - Printable Version

Mysql command crash - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: Mysql command crash (/showthread.php?tid=622579)

Mysql command crash - TheDarkBlade - 24.11.2016

PHP код:



    if(dialogid == DIALOG_NEWPASS)

    {

        if(response)

        {

             new length = strlen(inputtext);

            if(length < 5 || length > 15)

            {

                SendClientMessage(playerid, COLOR_WHITE, "Please enter another password (maximum 15 characters minimum 5).");

                ShowPlayerDialog(playerid, DIALOG_NEWPASS,DIALOG_STYLE_INPUT, "Change password:","Type in box your new password:","Done","Close");

                return 1;

            }

            if(strfind(inputtext,"%%")!= -1) return Kick(playerid);

            if(strlen(inputtext) > 1 && strlen(inputtext) < 16)

            {

                new tmppass[64],namee[30],playerip[16],string[75];

                mysql_real_escape_string(inputtext, tmppass);

                strmid(PlayerInfo[playerid][pKey], tmppass, 0, strlen(tmppass), 255);

                format(string,sizeof(string),"Your new password is %s.",tmppass);

                SendClientMessage(playerid, COLOR_YELLOW,string); //45709

                GetPlayerName(playerid, namee, sizeof(namee));

                GetPlayerIp(playerid, playerip, sizeof(playerip));

                format(string,sizeof(string),"%s[user:%d] changed his password . IP: %s",namee,PlayerInfo[playerid][pSQLID],playerip);

                ABroadCast(COLOR_YELLOW, string,1);

                printf(string);

                GetPlayerName(playerid,sendername,sizeof(sendername));

                new str2[240];

                mysql_format(SQL, str2, sizeof(str2), "UPDATE users SET `password`='%e' WHERE `name`='%s'",PlayerInfo[playerid][pKey], PlayerInfo[playerid][pNormalName]);

                mysql_tquery(SQL,str2,"","");

                return 1;

            }

            else

            {

                ShowPlayerDialog(playerid, DIALOG_NEWPASS,DIALOG_STYLE_INPUT, "Change password:","Type in box your new password:","Done","Close");

                return 1;

            }

        }

        return 1;

    }

PHP код:



[15:41:10] [debug] Server crashed while executing xmania2.amx

[15:41:10] [debug] AMX backtrace:

[15:41:10] [debug] #0 native SendClientMessage () from samp03svr

[15:41:10] [debug] #1 002cfd44 in public OnDialogResponse (playerid=0, dialogid=132, response=1, listitem=-1, inputtext[]=@0192cac0 "12345%s") at D:\SAMP stuff\RPG Romania 1.00.40\gamemodes\xmania2.pwn:45709

[15:41:10] [debug] Native backtrace:

[15:41:10] [debug] #0 f65f9e8b in _ZN10StackTraceC1EPv () from plugins/crashdetect.so

[15:41:10] [debug] #1 f65f2bcf in _ZN11CrashDetect20PrintNativeBacktraceERSoPv () from plugins/crashdetect.so

[15:41:10] [debug] #2 f65f3dbc in _ZN11CrashDetect20PrintNativeBacktraceEPv () from plugins/crashdetect.so

[15:41:10] [debug] #3 f65f4226 in _ZN11CrashDetect11OnExceptionEPv () from plugins/crashdetect.so

[15:41:10] [debug] #4 f65f9adc in ?? () from plugins/crashdetect.so

[15:41:10] [debug] #5 f7761410 in ?? ()

[15:41:10] [debug] #6 f74d70f7 in _IO_vfprintf () from /lib32/libc.so.6

[15:41:10] [debug] #7 f74f5ebc in vsprintf () from /lib32/libc.so.6

[15:41:10] [debug] #8 080ad731 in ?? () from samp03svr

[15:41:10] [debug] #9 080d99e9 in ?? () from samp03svr

[15:41:10] [debug] #10 080950e4 in ?? () from samp03svr

[15:41:10] [debug] #11 f65f594b in _ZN11CrashDetect13DoAmxCallbackEiPiS0_ () from plugins/crashdetect.so

[15:41:10] [debug] #12 f65f88f8 in ?? () from plugins/crashdetect.so

[15:41:10] [debug] #13 f65fc916 in amx_Exec () from plugins/crashdetect.so

[15:41:10] [debug] #14 f65f4be6 in _ZN11CrashDetect9DoAmxExecEPii () from plugins/crashdetect.so

[15:41:10] [debug] #15 f65f8659 in ?? () from plugins/crashdetect.so

[15:41:10] [debug] #16 f65652ea in ?? () from plugins/streamer.so

[15:41:10] [debug] #17 080a682f in ?? () from samp03svr

[15:41:10] [debug] #18 080b2c44 in ?? () from samp03svr

[15:41:10] [debug] #19 08071d38 in ?? () from samp03svr

[15:41:10] [debug] #20 08071e32 in ?? () from samp03svr

[15:41:10] [debug] #21 0807bc50 in ?? () from samp03svr

[15:41:10] [debug] #22 080aed3d in ?? () from samp03svr

[15:41:10] [debug] #23 080aef02 in ?? () from samp03svr

[15:41:10] [debug] #24 080aa13a in ?? () from samp03svr

[15:41:10] [debug] #25 f74aabf6 in __libc_start_main () from /lib32/libc.so.6

[15:41:10] [debug] #26 0804b4e1 in ?? () from samp03svr

Re: Mysql command crash - Vince - 24.11.2016

PHP код:



if(strfind(inputtext,"%%")

That escape sequence only works in the format() function.

Also you should be hashing passwords. Storing passwords in plain text is not done and is in violation of the service agreement.