[Blunt]

I've got an issue with y_ini saving passwords, which are not hashed.

My issue is that when I'm typing in the correct password, it displays it as 'Invalid', and even if it's the wrong password for the account it still displays 'Invalid'.

I've tried creating a new account and registering it, successfully but when it eventually gets to the login screen, I type the password I just registered the account with and it displays 'Invalid' still. I'm so confused and I literally have no idea of how to resolve this issue, as the code I scripted looks perfectly fine to me.

Heres the DialogResponse Codes(Ignore the indentation, focus on the password coding);

Код:

case DIALOG_REGISTER:
        {
            new INI:File = INI_Open(UserPath(playerid));
            if(!response) return Kick(playerid);
            if(response)
            {
                if(!strlen(inputtext))
				{
				    SendClientMessage(playerid,COLOR_GREY,#Invalid registeration password.);
                	ShowPlayerDialog(playerid, DIALOG_REGISTER, DIALOG_STYLE_INPUT,"User account registration","Type in a password combination in order \nto registrate your new account.","Register","Leave");
    			}
   				INI_SetTag(File,"DATA");
       			INI_WriteString(File,"Password",inputtext);
          		INI_WriteInt(File,"Cash",0);
            	INI_WriteInt(File,"Kills",0);
             	INI_WriteInt(File,"Admin",0);
              	INI_WriteInt(File,"Skin",0);
              	INI_WriteInt(File,"SkinChanges",0);
              	INI_WriteInt(File,"Spawned",0);
              	INI_WriteInt(File,"Level",0);
              	INI_WriteInt(File,"Donator",0);
              	INI_WriteInt(File,"FightStyle",0);
              	INI_WriteInt(File,"Deaths",0);
              	INI_WriteInt(File,"Warnings",0);
              	INI_WriteInt(File,"Kicks",0);
              	INI_Close(File);
              	ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD,"User account log-in","Type in your password combination in order \nto log-in to your account","Login","Leave");
			}
        }
        case DIALOG_LOGIN:
        {
            if(!response) return Kick (playerid);
            if(response)
            {
                if(!strlen(inputtext))
				{
				    SendClientMessage(playerid,COLOR_GREY,#Invalid password combination);
				    ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD,"User account log-in","Type in your password combination in order \nto log-in to your account","Login","Leave");
					return 1;
				}
                if(strcmp(inputtext,PlayerInfo[playerid][pPass],true))
				{
				    INI_ParseFile(UserPath(playerid), "LoadUser_%s", .bExtra = true, .extra = playerid);
					SetPlayerScore(playerid,PlayerInfo[playerid][pKills]);
					ResetPlayerMoney(playerid);
					GivePlayerMoney(playerid,PlayerInfo[playerid][pCash]);
	  				SetPlayerInterior(playerid,5);
	   				SendClientMessage(playerid,COLOR_WHITE,"You have been successfully logged in to your user account.");
	    			TogglePlayerSpectating(playerid,false);
	    			SpawnPlayer(playerid);
				}
				else
				{
					SendClientMessage(playerid,COLOR_GREY,#Invalid password combination);
                	ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD,"User account log-in","Type in your password combination in order \nto log-in to your account","Login","Leave");
					return 1;
				}
            }
        }

If anyone could possibly help me, I'd be extremely greatful and will rep you of course.

[Vince]

Quote:

Originally Posted by Blunt saving passwords, which are not hashed.

Stop.

[Kaperstone]

Are you seriously unhashed storing passwords ?

People trust you with their passwords.
You store their passwords unhashed, a hacker hacks into your VPS, and hello mama.
And who knows if they're using the same password for ********, ******* or any other software/website.

As this nigg-bro said

Quote:

Originally Posted by Vince Stop.

Don't mind hashing ? don't put registerations or don't host a server at all.


plus it isn't that hard to add -
Whirlpool - https://sampforum.blast.hk/showthread.php?tid=65290
or
bcrypt - https://sampforum.blast.hk/showthread.php?tid=453544

[Blunt]

I wasn't planning on hosting a server or anything of the sort, I know how to hash passwords I was just trying it without hashing it and it was not working

[Threshold]

I think at this point we can just call it quits on that and let ourselves believe "it will never work". Always hash your goddamn passwords...

[Rudy_]

So you're not going to help him just because he don't want to hash his passwords? Seriously, Just don't even bother to reply ffs.

[Threshold]

And so I shouldn't. It's an invasion of his user's privacy and he has no right to do so. If I'm going to help someone, it might as well be in the right way... and the right way is to tell him to hash his passwords.

[Blunt]

Quote:

Originally Posted by Threshold And so I shouldn't. It's an invasion of his user's privacy and he has no right to do so. If I'm going to help someone, it might as well be in the right way... and the right way is to tell him to hash his passwords.

This is a the scripting help section and if you're going to reply, please reply with some sort of help towards my topic. I didn't ask for criticism, I asked for help.

If you was mature enough, you would've simply suggested that instead of using non-hashed passwords, I use hashed versions.

But anyway, I want to know how to save 'NON-HASHED' passwords, and I am aware of the fact that people who register aren't secure to register on the script, however. It was not intended for public use, it was for my own use and like I said above, if you're not here to help me, then direct yourself away and do not comment.

[Rudy_]

Maybe try? Most likely not going to work but give it a shot

pawn Код:

case DIALOG_REGISTER:
        {
            new INI:File = INI_Open(UserPath(playerid));
            if(!response) return Kick(playerid);
            if(response)
            {
                if(!strlen(inputtext))
                {
                    SendClientMessage(playerid,COLOR_GREY,#Invalid registeration password.);
                    ShowPlayerDialog(playerid, DIALOG_REGISTER, DIALOG_STYLE_INPUT,"User account registration","Type in a password combination in order \nto registrate your new account.","Register","Leave");
                }
                INI_SetTag(File,"DATA");
                INI_WriteString(File,"Password",inputtext);
                INI_WriteInt(File,"Cash",0);
                INI_WriteInt(File,"Kills",0);
                INI_WriteInt(File,"Admin",0);
                INI_WriteInt(File,"Skin",0);
                INI_WriteInt(File,"SkinChanges",0);
                INI_WriteInt(File,"Spawned",0);
                INI_WriteInt(File,"Level",0);
                INI_WriteInt(File,"Donator",0);
                INI_WriteInt(File,"FightStyle",0);
                INI_WriteInt(File,"Deaths",0);
                INI_WriteInt(File,"Warnings",0);
                INI_WriteInt(File,"Kicks",0);
                INI_Close(File);
                ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD,"User account log-in","Type in your password combination in order \nto log-in to your account","Login","Leave");
            }
        }
        case DIALOG_LOGIN:
        {
            if(!response) return Kick (playerid);
            if(response)
            {
                if(!strlen(inputtext))
                {
                    SendClientMessage(playerid,COLOR_GREY,#Invalid password combination);
                    ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD,"User account log-in","Type in your password combination in order \nto log-in to your account","Login","Leave");
                    return 1;
                }
                if(strcmp(inputtext,PlayerInfo[playerid][pPass],true))
                {
                    INI_ParseFile(UserPath(playerid), "LoadUser_%s", .bExtra = true, .extra = playerid);
                    SetPlayerScore(playerid,PlayerInfo[playerid][pKills]);
                    ResetPlayerMoney(playerid);
                    GivePlayerMoney(playerid,PlayerInfo[playerid][pCash]);
                    SetPlayerInterior(playerid,5);
                    SendClientMessage(playerid,COLOR_WHITE,"You have been successfully logged in to your user account.");
                    TogglePlayerSpectating(playerid,false);
                    SpawnPlayer(playerid);
                }
                else if(strcmp(inputtext,PlayerInfo[playerid][pPass],false))
                {
                    SendClientMessage(playerid,COLOR_GREY,#Invalid password combination);
                    ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD,"User account log-in","Type in your password combination in order \nto log-in to your account","Login","Leave");
                    return 1;
                }
            }
        }

[Threshold]

Quote:

If you was mature enough, you would've simply suggested that instead of using non-hashed passwords, I use hashed versions.

Uh, that is what I suggested

If you two are really going to be pests about it... here, I've fixed Rudy's code a bit:

pawn Код:

case DIALOG_REGISTER:
        {
            if(!response) return Kick(playerid);
            if(!strlen(inputtext))
            {
                SendClientMessage(playerid,COLOR_GREY,#Invalid registeration password.);
                ShowPlayerDialog(playerid, DIALOG_REGISTER, DIALOG_STYLE_INPUT,"User account registration","Type in a password combination in order \nto registrate your new account.","Register","Leave");
                return 1;
            }
            new INI:File = INI_Open(UserPath(playerid));
            INI_SetTag(File,"DATA");
            INI_WriteString(File,"Password",inputtext);
            INI_WriteInt(File,"Cash",0);
            INI_WriteInt(File,"Kills",0);
            INI_WriteInt(File,"Admin",0);
            INI_WriteInt(File,"Skin",0);
            INI_WriteInt(File,"SkinChanges",0);
            INI_WriteInt(File,"Spawned",0);
            INI_WriteInt(File,"Level",0);
            INI_WriteInt(File,"Donator",0);
            INI_WriteInt(File,"FightStyle",0);
            INI_WriteInt(File,"Deaths",0);
            INI_WriteInt(File,"Warnings",0);
            INI_WriteInt(File,"Kicks",0);
            INI_Close(File);
            ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD,"User account log-in","Type in your password combination in order \nto log-in to your account","Login","Leave");
            return 1;
        }
        case DIALOG_LOGIN:
        {
            if(!response) return Kick(playerid);
            if(!strlen(inputtext) || strcmp(inputtext,PlayerInfo[playerid][pPass],false))
            {
                SendClientMessage(playerid,COLOR_GREY,#Invalid password combination);
                ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD,"User account log-in","Type in your password combination in order \nto log-in to your account","Login","Leave");
                return 1;
            }
            INI_ParseFile(UserPath(playerid), "LoadUser_%s", .bExtra = true, .extra = playerid);
            SetPlayerScore(playerid,PlayerInfo[playerid][pKills]);
            ResetPlayerMoney(playerid);
            GivePlayerMoney(playerid,PlayerInfo[playerid][pCash]);
            SetPlayerInterior(playerid,5);
            SendClientMessage(playerid,COLOR_WHITE,"You have been successfully logged in to your user account.");
            TogglePlayerSpectating(playerid,false);
            SpawnPlayer(playerid);
            return 1;
        }