[Carrot]

Hello, so when I try to log in it wont log me in even with the correct password.
My code:

pawn Код:

if(dialogid == Logindialog)
    {
        new buffer[200];
        if(!response) return Kick(playerid) && SendClientMessage(playerid,red,"Have it Your way!");
        mysql_real_escape_string(inputtext,inputtext);
        mysql_real_escape_string(GetPName(playerid),GetPName(playerid));
        format(Query, sizeof(Query), "SELECT `Password` FROM `Accounts` WHERE `Username` = '%s'",
        GetPName(playerid));
        mysql_query(Query);
        mysql_store_result();
        WP_Hash(buffer, sizeof(buffer), inputtext);
        if(!strcmp(buffer, pinfo2[playerid][pPassword], true))
        {
            LoadAccountVariables(playerid);
            pinfo2[playerid][hours] = pinfo2[playerid][hours];
            pinfo2[playerid][mins] = pinfo2[playerid][mins];
            SetPVarInt(playerid,"Logged2",1);
            Showinfo2(playerid,"~g~Successfully logged in!");
            TogglePlayerSpectating(playerid,0);
            mysql_free_result();
            PInfo[playerid][Failedlogins] = 0;
        }
        else
        {
            PInfo[playerid][Failedlogins] ++;
            format(string,sizeof(string),""lred"Logins failed: %i/3 \n"lwhite"Hey, "lgreen"%s!{00A5FF}\nYour account is registered, please enter the password below!\n"lwhite"Or press cancel to "lred"leave",PInfo[playerid][Failedlogins],GetPName(playerid));
            ShowPlayerDialog(playerid,Logindialog,1,"Login",string,"Ok","Cancel");
            Showinfo2(playerid,"~r~~h~Incorrect password!");
            TogglePlayerSpectating(playerid,1);
            if(PInfo[playerid][Failedlogins] == 3)
            {
                format(string,sizeof(string),"*** %s has been automatically as they entered the wrong password 3 times.",GetPName(playerid));
                Kick(playerid);
                SendClientMessageToAll(red,string);
            }
            return 1;
        }
    }

I don't really get whats the problem, can u please help me? thanks.

[Cameltoe]

Why don't you :

pawn Код:

new HashedPW[150];
WP_Hash(HashedPW, sizeof(HashedPW), inputtext);
format(Query, sizeof(Query), "SELECT * FROM Accounts WHERE Username = '%s' AND Password = '%s';", GetPName(playerid),HashedPW); // OR even use any of the mysql's embeded crypt methods.
mysql_query(Query);
mysql_store_result();
if(mysql_num_rows()) // Execute account loading etc.
else // Execute Wrong password etc.

[Calgon]

Because you're still hashing inputtext and NOT buffer. Pay some attention, but that method is generally better than the way that you're currently doing, providing you actually format your query to use 'buffer' and not 'inputtext'.

[Cameltoe]

Quote:

Originally Posted by Calg00ne Because you're still hashing inputtext and NOT buffer. Pay some attention, but that method is generally better than the way that you're currently doing, providing you actually format your query to use 'buffer' and not 'inputtext'.

My bad, i got no clue how WP hashes work, though i stated "// OR even use any of the mysql's embeded crypt methods" As of, i would rather Myself use any of the mysql's embeded crypting methods, probably faster and alot easier.

I'll read about Wp, and edit my post.

Quote:

Originally Posted by Cameltoe Why don't you : pawn Код: new HashedPW[150]; WP_Hash(HashedPW, sizeof(HashedPW), inputtext); format(Query, sizeof(Query), "SELECT * FROM Accounts WHERE Username = '%s' AND Password = '%s';", GetPName(playerid), HashedPW); // OR even use any of the mysql's embeded crypt methods. mysql_query(Query); mysql_store_result(); if(mysql_num_rows()) // Execute account loading etc. else // Execute Wrong password etc.

[Calgon]

There's no Whirlpool encrypt function for MySQL, so you have to use another engine to generate the hash then input it in to your query.

[Carrot]

Well all i can say is, you guys aren't helping, you are doing a hash discussion
Which aint much of the problem, the problem is why isn't it reading...

[Calgon]

If you bothered to read our posts, I suggested you tried to use Cameltoe's code, but update it to work by changing 'inputtext' in the format to 'buffer'

pawn Код:

new buffer[129];
WP_Hash(buffer, sizeof(buffer), inputtext);
format(Query, sizeof(Query), "SELECT * FROM Accounts WHERE Username = '%s' AND Password = '%s';", GetPName(playerid), buffer); 
mysql_query(Query);
mysql_store_result();
if(mysql_num_rows()) {
// Correct pass
} else { 
// Wrong pass
}
mysql_free_result();

[Carrot]

Bothered? JESUS!! -.- don't you think i want to repair this fucking shit?
Iv been having problems in my server that has 20-30 players all the time.
I do really want to fix this problem that has around 2 weeks.

[Carrot]

Quote:

Originally Posted by Cameltoe Why don't you : pawn Код: new HashedPW[150]; WP_Hash(HashedPW, sizeof(HashedPW), inputtext); format(Query, sizeof(Query), "SELECT * FROM Accounts WHERE Username = '%s' AND Password = '%s';", GetPName(playerid),HashedPW); // OR even use any of the mysql's embeded crypt methods. mysql_query(Query); mysql_store_result(); if(mysql_num_rows()) // Execute account loading etc. else // Execute Wrong password etc.

Well, this worked.
Thanks.

[Cameltoe]

Quote:

Originally Posted by Carrot Well, this worked. Thanks.

You're welcome, next time don't act a fool, being ignorant won't help you.