A failure of removing SHA256 (MySQL)

A failure of removing SHA256 (MySQL) - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: A failure of removing SHA256 (MySQL) (/showthread.php?tid=639081)

A failure of removing SHA256 (MySQL) - Fratello - 11.08.2017

Hey gang,

I started using easy-mysql include recently and I removed SHA256 hashing which resulted empty password. I can make an account but I can't login and my password row is empty.

https://sampforum.blast.hk/showthread.php?tid=590310
(I'm using Login-Register exampl)

Код HTML:

case DIALOG_LOGIN:
        {
            if(!response) Kick(playerid);
            if(UserInfo[playerid][p_password])

            {
                new handle = SQL::Open(SQL::READ, "players", "p_id", UserInfo[playerid][p_id]);
                SQL::ReadInt(handle, "p_score", UserInfo[playerid][p_score]);
                SQL::ReadFloat(handle, "p_posx", UserInfo[playerid][p_posx]);
                SQL::ReadFloat(handle, "p_posy", UserInfo[playerid][p_posy]);
                SQL::ReadFloat(handle, "p_posz", UserInfo[playerid][p_posz]);
                SQL::Close(handle);
                SetPlayerScore(playerid, UserInfo[playerid][p_score]);
                UserInfo[playerid][p_loggedin] = 1;
                SendClientMessage(playerid, -1, "Successfully logged in!");

            }
            else
            {
                ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD, "{0080FF}Login", "Please input your password below to log in.", "Login", "Exit");
            }
        }

I tried to switch operators but it will always result blank.

Re: A failure of removing SHA256 (MySQL) - Paulice - 11.08.2017

You aren't even comparing the entered password with the account's password.

Re: A failure of removing SHA256 (MySQL) - Fratello - 11.08.2017

Can you help me do it?

Re: A failure of removing SHA256 (MySQL) - Vince - 11.08.2017

Quote:

Originally Posted by Fratello

I removed SHA256 hashing

Don't. Seriously. Neither you nor anyone else has anything to do with a player's password. If that database ever gets leaked (and if it can happen to Adobe then it can happen to you) then all information will be visible in plain text.

As for the follow-up question "what if a player forgets his password?": generate a new random one and mail it to them. Then the player can set a new password himself using conventional means.

Re: A failure of removing SHA256 (MySQL) - Fratello - 11.08.2017

I'm not planning to open a server with that script at all. I just have my reasons why I want to remove it.