1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help
  4. Help Archive

Threaded Mode
[MSQL] Need help checking if password is right.
Type-R
Huge Clucker
****
Posts: 292
Threads: 87
Joined: Feb 2011
Reputation: 0
#1

05.06.2011, 18:01
Hello, so i am trying to create a register, login system. I made the register and it works fine, it shows my nickname in database and password that i set, but i am having problems with login, because i don't really know how to check if the password is correct that you typed compared to password in the database. Here's the script:

Код:
if(dialogid == 200)
	{
	    if(response)
	    {
	        new vardas[MAX_PLAYER_NAME];
	        if(!strlen(inputtext)) return ShowPlayerDialog(playerid,200,DIALOG_STYLE_INPUT,"{A3E4FF}Prisijungimas","{FFFFFF}Jus neivedete slaptazodzio.\n{FFFFFF}Prasome ivesti slaptazodi, kad galetumete prisijungti.","Prisijungti","Atsaukti");
 			if(strlen(inputtext) < 3 || strlen(inputtext) >= 32)
	    	return ShowPlayerDialog(playerid,200,DIALOG_STYLE_INPUT,"{A3E4FF}Prisijungimas","{FFFFFF}Slaptazodis yra per trumpas arba per ilgas.\n{FFFFFF}Prasome ivesti teisinga slaptazodi, kad galetumete prisijungti!","Prisijungti","Atsaukti");
			CheckMySQL();
    		new string[128];
			format(string, sizeof(string), "SELECT * FROM Saskaitos WHERE Vardas = '%s' AND Slaptazodis = '%s'", vardas, inputtext);
			mysql_query(string);
			mysql_store_result();
			if(mysql_num_rows())
			{
			    prisijunges[playerid] = 1;
				SendClientMessage(playerid, geltona, "[FunZoneLT]>> Jus prisijungete! Sekmes zaidime jums linki Administracijos komanda!");
				GivePlayerMoney(playerid, -50000);
				if(ALygis[playerid] >= 1)
  				{
  		    		Alabel[playerid] = Create3DTextLabel("Administratorius", raudona,30.0,40.0,50.0,40.0,0);
    				Attach3DTextLabelToPlayer(Alabel[playerid], playerid, 0.0, 0.0, 0.7);
				}
			}
			else
			{
				ShowPlayerDialog(playerid,200,DIALOG_STYLE_INPUT,"{A3E4FF}Prisijungimas","{FFFFFF}Jus ivedete neteisinga slaptazodi.\n{FFFFFF}Prasome ivesti teisinga slaptazodi, kad galetumete prisijungti!","Prisijungti","Atsaukti");
				return 1;
			}
			new row[128];
			new field[7][32]; // [4] = Amount of fields, [24] = Max length of the bigest field.
			mysql_fetch_row_format(row, "|");
			explode(row, field, "|");
			mysql_free_result();
			// The field starts here with 1, because the field 'Name' = 0, and we already have the name in a variable.
			format(ZStats[playerid][Slaptazodis], 32, "%s", field[1]);
 			ZStats[playerid][Adminas] = strval(field[2]);
 			ZStats[playerid][Pinigai] = strval(field[3]);
 			GivePlayerMoney(playerid, ZStats[playerid][Pinigai]);
		}
		else
		{
		    SendClientMessage(playerid, raudona, "[FunZoneLT]>> Jus turite prisijungti prie serverio, pries zaidziant!");
		    Kick(playerid);
		}
	}
I am new to MSQL, can anyone tell me where's the problem?
Find
Reply
CoaPsyFactor
Gangsta
*****
Posts: 867
Threads: 104
Joined: Jul 2010
Reputation: 0
#2

05.06.2011, 18:52
you need php code that check password
Find
Reply
Type-R
Huge Clucker
****
Posts: 292
Threads: 87
Joined: Feb 2011
Reputation: 0
#3

05.06.2011, 18:59
Could you give me an example?
Find
Reply
Snipa
Banned
Posts: 815
Threads: 65
Joined: May 2010
#4

05.06.2011, 19:02
pawn Код:
if(mysql_num_rows() != 0)
        {
            //Correct Password
        }
        else
        {
            //Incorrect Password
        }
Find
Reply
Type-R
Huge Clucker
****
Posts: 292
Threads: 87
Joined: Feb 2011
Reputation: 0
#5

05.06.2011, 19:23
It still, says that my password is wrong, and heres how i put the your thing in:
Код:
if(dialogid == 200)
	{
	    if(response)
	    {
	        new Pass = strval(inputtext);
	        //new vardas[MAX_PLAYER_NAME];
	        if(!strlen(inputtext)) return ShowPlayerDialog(playerid,200,DIALOG_STYLE_INPUT,"{A3E4FF}Prisijungimas","{FFFFFF}Jus neivedete slaptazodzio.\n{FFFFFF}Prasome ivesti slaptazodi, kad galetumete prisijungti.","Prisijungti","Atsaukti");
 			if(strlen(inputtext) < 3 || strlen(inputtext) >= 32)
	    	return ShowPlayerDialog(playerid,200,DIALOG_STYLE_INPUT,"{A3E4FF}Prisijungimas","{FFFFFF}Slaptazodis yra per trumpas arba per ilgas.\n{FFFFFF}Prasome ivesti teisinga slaptazodi, kad galetumete prisijungti!","Prisijungti","Atsaukti");
			CheckMySQL();
    		//new string[128];
    		new Query[200];
			format(Query, sizeof(Query), "SELECT * FROM `Saskaitos` WHERE `Vardas` = '%s' AND `Slaptazodis` = '%i'", GetPlayerEscapeName(playerid), Pass);
			mysql_query(Query);
			mysql_store_result();
			if(mysql_num_rows() != 0)
        	{
            	prisijunges[playerid] = 1;
				SendClientMessage(playerid, geltona, "[FunZoneLT]>> Jus prisijungete! Sekmes zaidime jums linki Administracijos komanda!");
				GivePlayerMoney(playerid, -50000);
				if(ALygis[playerid] >= 1)
  				{
  		    		Alabel[playerid] = Create3DTextLabel("Administratorius", raudona,30.0,40.0,50.0,40.0,0);
    				Attach3DTextLabelToPlayer(Alabel[playerid], playerid, 0.0, 0.0, 0.7);
				}
        	}
       	 	else
        	{
            	ShowPlayerDialog(playerid,200,DIALOG_STYLE_INPUT,"{A3E4FF}Prisijungimas","{FFFFFF}Jus ivedete neteisinga slaptazodi.\n{FFFFFF}Prasome ivesti teisinga slaptazodi, kad galetumete prisijungti!","Prisijungti","Atsaukti");
				return 1;
       	 	}
			new row[128];
			new field[7][32]; // [4] = Amount of fields, [24] = Max length of the bigest field.
			mysql_fetch_row_format(row, "|");
			explode(row, field, "|");
			mysql_free_result();
			// The field starts here with 1, because the field 'Name' = 0, and we already have the name in a variable.
			format(ZStats[playerid][Slaptazodis], 32, "%s", field[1]);
 			ZStats[playerid][Adminas] = strval(field[2]);
 			ZStats[playerid][Pinigai] = strval(field[3]);
 			GivePlayerMoney(playerid, ZStats[playerid][Pinigai]);
		}
		else
		{
		    SendClientMessage(playerid, raudona, "[FunZoneLT]>> Jus turite prisijungti prie serverio, pries zaidziant!");
		    Kick(playerid);
		}
	}
Anyone know what the problem is? ( Im new to MSQL
Find
Reply
Mean
High-roller
*****
Posts: 2,726
Threads: 85
Joined: Jul 2010
Reputation: 0
#6

05.06.2011, 20:28
Quote:
Originally Posted by Snipa
Посмотреть сообщение
pawn Код:
if(mysql_num_rows() != 0)
        {
            //Correct Password
        }
        else
        {
            //Incorrect Password
        }
...No... As far as I know, mysql_num_rows is used when the thing you put in query is found or not.
Use strcmp to compare passwords.
Find
Reply
Johnson_boy
Huge Clucker
***
Posts: 215
Threads: 25
Joined: Mar 2011
Reputation: 0
#7

05.06.2011, 21:58
Quote:
Originally Posted by Mean
Посмотреть сообщение
...No... As far as I know, mysql_num_rows is used when the thing you put in query is found or not.
Use strcmp to compare passwords.
There is no need for strcmp, that mysql_num_rows is just the right one.
You run your query like SELECT NULL FROM `table` WHERE `username` LIKE 'name' AND `password` = 'pass', which returns something only if there is row with same username and password.
Find
Reply
Johnson_boy
Huge Clucker
***
Posts: 215
Threads: 25
Joined: Mar 2011
Reputation: 0
#8

05.06.2011, 22:01
I think I found your problem too.
This isn't right way to deal with password: new Pass = strval(inputtext);
I'm not sure what that returns, but it definitely isn't what you should have.
Use some encrypt or hash instead.

EDIT: I tested what that returns and it is always 0 -not good.
Find
Reply
« Next Oldest | Next Newest »


Forum Jump:


Users browsing this thread: 1 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help
  4. Help Archive