1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help

Threaded Mode
Password problem
Noles2197
Big Clucker
***
Posts: 124
Threads: 57
Joined: Jul 2011
Reputation: 0
#1

27.01.2013, 01:17
Having a problem with my login/registration system! When I register it saves the password to the player's file and everything..
but when you go to login on that account, if you put in any password like '123', it will still let you login.
Anyone can login to any ones accounts.

pawn Код:
public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[])
{
    if(dialogid == 2) 
    {
        if(!response) return Kick(playerid);
        if(response) 
        {
            if(!strlen(inputtext)) 
            {
                ShowPlayerDialog(playerid,2,3,"Registration","Type in a password to register","Register","Leave");
                return 1;
            }
            new INI:file = INI_Open(Path(playerid));
            INI_SetTag(file,"Player's Stats");
            INI_WriteString(file,"Password",(inputtext));
            INI_WriteInt(file,"Admin",0); 
            INI_WriteInt(file,"Cash",25);
            INI_Close(file);
            return 1;
        }
    }
    if(dialogid == 1)
    {
        if(!response) return Kick(playerid);
        if(response)
        {
            if(strcmp(inputtext,pInfo[playerid][Pass])) // Here
            {
                INI_ParseFile(Path(playerid),"loadaccount_%s",.bExtra = true, .extra = playerid);
                GivePlayerMoney(playerid,pInfo[playerid][Cash]);
            }
            else 
            {
                ShowPlayerDialog(playerid,1,3,"Login","Type in your password to login\nIncorrect password!","Login","Leave");
                return 1;
            }
        }
    }
    return 1;
}
Find
Reply
Threshold
High-roller
*****
Posts: 3,085
Threads: 37
Joined: Nov 2012
Reputation: 0
#2

27.01.2013, 01:23
First of all:
pawn Код:
if(strcmp(inputtext, pInfo[playerid][Pass], false) == 0)
https://sampwiki.blast.hk/wiki/strcmp

Second of all, if this doesn't work, show your loadaccount function...
Thirdly, HASH YOUR GOD DAMN PASSWORDS. Once player's find out that you can just look at what their password is, it's automatically a security threat to them and they will leave (if they're in good mind). Use Whirlpool or udb_hash to hash your passwords, I certainly wouldn't want some asshole looking through my file to find my password.
Find
Reply
JaKe Elite
High-roller
*****
Posts: 3,715
Threads: 358
Joined: Apr 2012
Reputation: 0
#3

27.01.2013, 02:00
you're using newbienoob's tutorial right?

Look below (ending of the tutorial). He mention something to fix this problem.
Find
Reply
Noles2197
Big Clucker
***
Posts: 124
Threads: 57
Joined: Jul 2011
Reputation: 0
#4

27.01.2013, 02:04
My friend actually got that from there I think, so thanks Romel.
Find
Reply
« Next Oldest | Next Newest »


Forum Jump:


Users browsing this thread: 1 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help