1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help

Threaded Mode
Help PHP Login
CoR3
Big Clucker
***
Posts: 86
Threads: 36
Joined: Jan 2014
Reputation: 0
#1

22.09.2014, 18:32
Hi, i want to do a PHP Login for my PCU, but i have a problem; "i dont know how to do that because i have encrypted passwords with Whirlpool." if you know how to do that, please send me a message! i need that!.
Have a good day!
Find
Reply
Stinged
High-roller
*****
Posts: 1,578
Threads: 15
Joined: Feb 2013
Reputation: 0
#2

22.09.2014, 18:38
SA-MP Scripting =\= PHP
Find
Reply
dusk
High-roller
*****
Posts: 1,113
Threads: 127
Joined: Jul 2008
Reputation: 0
#3

22.09.2014, 18:50
PHP has a function for hashing strings with Whirlpool aswell.
Find
Reply
CoR3
Big Clucker
***
Posts: 86
Threads: 36
Joined: Jan 2014
Reputation: 0
#4

22.09.2014, 19:10
Humm, but... whats my error?

Quote:

<?php

include("includes/config.php");

if($_POST['login'])
{
$query = mysql_query("SELECT `ID`, `Password` FROM `users` WHERE `Username` = '" . $_POST['username'] . "'");

if(mysql_num_rows($query))
{
$row = mysql_fetch_assoc($query);
$password = $row['Contra'];
$hashedPassword = $_POST['password'];

if(!strcasecmp($hashedPassword, $password))
{
$_SESSION['Logueado'] = true;
$_SESSION['CuentaID'] = $row['ID'];
echo "<center><font class='outline' face='arial' color='#00FF00'><b>Usted, ha logueado correctamente.</b></font></center>";
redirect("index.php");
}
else echo "<center><font class='outline' face='arial' color='red'><b>Los datos ingresados son incorrectos.</b></font></center><br>";
}
else echo "<center><font class='outline' face='arial' color='red'><b>Los datos ingresados son incorrectos.</b></font></center><br>";
}

?>

<html>
<br>
<br>
<br>
<div id="ingreso">
<center>
<form action='ingreso.php' method='POST'>
Bienvenido, por favor ingrese su nombre y contraseсa.
<input type='text' name='Username' value='<?php echo $_POST['Username'] ?>' placeholder='Usuario' maxlength='24' size='30' /><br>
<input type='password' name='Password' placeholder='Contrase&ntilde;a' maxlength='50' size='30' /><br><br>
<input type='hidden' name='login' value='1' />
<input type='submit' value='' class='login' />
</form>
</center>
</div>
</html>
This is my DB

[IMG][/IMG]
Find
Reply
pEmanZ
Little Clucker
**
Posts: 6
Threads: 0
Joined: May 2014
Reputation: 0
#5

22.09.2014, 19:50
* I know its not your answer but use $_GET['username'] not $_POST['username'], anyone can harsh it if your script is not pro.
* Don't use mysql, use mysqli instead, others can use sql injection on mysql
* Don't post peoples IP please, you could remove it with paint or something
Find
Reply
Vince
Spam Machine
*****
Posts: 10,066
Threads: 38
Joined: Sep 2007
Reputation: 0
#6

22.09.2014, 20:04
I don't recommend writing your own panel if you have no experience.
  • $_POST['username'] is not a safe string. Don't use it directly in a query. A user could basically supply anything here, possibly corrupting the query.
  • Don't use the 'mysql' module; it's deprecated. Use mysqli or PDO instead.
  • The <center> tag is deprecated, as is the <font> tag (since 1999, no less). Use CSS for styling.
Find
Reply
CoR3
Big Clucker
***
Posts: 86
Threads: 36
Joined: Jan 2014
Reputation: 0
#7

22.09.2014, 22:38
somebody can help me fixing that?
Find
Reply
« Next Oldest | Next Newest »


Forum Jump:


Users browsing this thread: 2 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help