[SteveH.]

Hello people! I have a problem with my MySQL GameMode.
Well, I've been created a stock which load, on server variables, all the stats saved in a MySQL database. When the script have to load the "Password" variable, the script hangs and it doesn't continue. Here the script:

pawn Код:

stock CaricaStats(playerid)
{
    GetPlayerName(playerid,nome,sizeof(nome));
    format(query,sizeof(query),"SELECT * FROM `users` WHERE `Username` = '%s' LIMIT 1;",nome);
    mysql_query(query);
    mysql_store_result();
    new temp[30];
    while(mysql_retrieve_row())
    {
        mysql_fetch_field_row(temp,"Codice");           stats[playerid][Codice]=strval(temp);
        mysql_fetch_field_row(temp,"Username");         format(stats[playerid][Username],24,"%s",temp);
        mysql_fetch_field_row(temp,"Password");         format(stats[playerid][Password],80,"%s",temp);
        mysql_fetch_field_row(temp,"Sesso");            format(stats[playerid][Sesso],2,"%s",temp);
        mysql_fetch_field_row(temp,"Rango");            format(stats[playerid][Rango],18,"%s",temp);
        mysql_fetch_field_row(temp,"Gruppo");           stats[playerid][Gruppo]=strval(temp);
        mysql_fetch_field_row(temp,"Skin");             stats[playerid][Skin]=strval(temp);
        mysql_fetch_field_row(temp,"SkypeId");          format(stats[playerid][SkypeId],25,"%s",temp);
        mysql_fetch_field_row(temp,"LastLoginUcp");     format(stats[playerid][LastLoginUcp],30,"%s",temp);
        mysql_fetch_field_row(temp,"LastLoginInGame");  format(stats[playerid][LastLoginInGame],30,"%s",temp);
        mysql_fetch_field_row(temp,"DataReg");          format(stats[playerid][DataReg],30,"%s",temp);
        mysql_fetch_field_row(temp,"AccountStatus");    stats[playerid][AccountStatus]=strval(temp);
        mysql_fetch_field_row(temp,"StatusCode");       format(stats[playerid][StatusCode],32,"%s",temp);
        mysql_fetch_field_row(temp,"Ban");              stats[playerid][ban]=strval(temp);
        mysql_fetch_field_row(temp,"Ip");               format(stats[playerid][Ip],20,"%s",temp);
        printf("codice e' %d",stats[playerid][Codice]);
        printf("username e' %s",stats[playerid][Username]);
        printf("Password и %s",stats[playerid][Password]);
        printf("sesso и %s",stats[playerid][Sesso]);
        printf("rango и %s",stats[playerid][Rango]);
        printf("gruppo и %d",stats[playerid][Gruppo]);
        printf("skin и %d",stats[playerid][Skin]);
        printf("skype и %s",stats[playerid][SkypeId]);
        printf("lastucp и %s",stats[playerid][LastLoginUcp]);
        printf("lastgame и %s",stats[playerid][LastLoginInGame]);
        printf("datareg и %s",stats[playerid][DataReg]);
        printf("status и %d",stats[playerid][AccountStatus]);
        printf("statuscode и %s",stats[playerid][StatusCode]);
        printf("ban и %d",stats[playerid][ban]);
        printf("ip и %s",stats[playerid][Ip]);
    }
    mysql_free_result();
}

Sometimes, furthermore, if the username printf shows "Jack_Johnson", the password printf shows the same.
PS: THIS BUG COMES OUT ONLY IF THE PASSWORD SAVED ON THE DATABASE IS HASHED.

[WopsS]

Make this

pawn Код:

stock CaricaStats(playerid, password[])

and here

pawn Код:

format(query,sizeof(query),"SELECT * FROM `users` WHERE `Username` = '%s' AND `Password` = '%s'",nome, password);

And after put

pawn Код:

mysql_real_escape_string(password, password);

[SteveH.]

With this stock, I have to load stats and after testing if the password is correct. So, I don't think that is correctly, or not?