1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help

Threaded Mode
[+REP] mysql small issue
ahmedraed
Big Clucker
***
Posts: 110
Threads: 34
Joined: Jun 2015
Reputation: 0
#1

01.02.2016, 16:32
Hello,i've scripted a login/register system and it works fine but the problem is when i hash the passwords and then login again and type the password it says wrong password

On Register Dialog:
Quote:

WP_Hash(hashpass, sizeof(hashpass), inputtext);
mysql_format(mysql, query, sizeof(query), "INSERT INTO `users`(`Password`) VALUES ('%e')", hashpass);
mysql_query(mysql, query);
On Login Dialog:

Quote:

WP_Hash(hashpass, sizeof(hashpass), inputtext);
mysql_format(mysql, query, sizeof(query),"SELECT * FROM `users` WHERE `Password` = '%s'", hashpass);
mysql_query(mysql, query);
the sizeof hashpass is 129 and it hashs the pass but seems it doesn't compare it properly so...Note that if i removed the hash system it works fine
Find
Reply
LetsOWN[PL]
Huge Clucker
****
Posts: 328
Threads: 19
Joined: May 2011
Reputation: 0
#2

01.02.2016, 16:37
Try to print those queries and see what might be wrong with them.
Find
Reply
ahmedraed
Big Clucker
***
Posts: 110
Threads: 34
Joined: Jun 2015
Reputation: 0
#3

01.02.2016, 16:41
well..the both hash are exactly the same so...
Login one:
F2BA79098F5F37BBD4EE105894EC1EE73205B579DA615E24B5 76C287A7ABC6EF0B72AB43D128083494497F4EE2282CA6F24E EE9C70BC03453D81995BDA9F6991
Register One:
F2BA79098F5F37BBD4EE105894EC1EE73205B579DA615E24B5 76C287A7ABC6EF0B72AB43D128083494497F4EE2282CA6F24E EE9C70BC03453D81995BDA9F6991

Quote:

WP_Hash(hashpass, sizeof(hashpass), inputtext);
mysql_format(mysql, query, sizeof(query),"SELECT * FROM `users` WHERE `Name` = '%s' AND `Password` = '%s'",pInfo[playerid][Name], hashpass);
mysql_query(mysql, query);
printf("%s",hashpass);
new rows = cache_num_rows();
if(rows == 0)
{
SendClientMessage(playerid, RED, "Wrong Password!");
ShowPlayerDialog(playerid, LOGIN_DIALOG, DIALOG_STYLE_INPUT, "Login..", "Welcome! Please Enter Your Password To Login", "Login", "Cancel");
}
else if(rows == 1)
{
SendClientMessage(playerid, GREEN, "You have successfuly logined!");
return 1;
}
Find
Reply
pollo97
Big Clucker
***
Posts: 83
Threads: 22
Joined: Sep 2011
Reputation: 0
#4

01.02.2016, 16:44
If you would encrypt password, you may do this without using WP_Hash function.

Register:
Код:
mysql_format(mysql, query, sizeof(query), "INSERT INTO `users`(`Password`) VALUES (md5('%s'))",password);
mysql_query(mysql, query);
Login:
Код:
new name[MAX_PLAYER_NAME];
GetPlayerName(playerid,name,sizeof(name));
mysql_format(mysql, query, sizeof(query),"SELECT * FROM `users` WHERE Username='%s' AND`Password` = md5('%s')",name,password);
mysql_query(mysql, query);
Find
Reply
ahmedraed
Big Clucker
***
Posts: 110
Threads: 34
Joined: Jun 2015
Reputation: 0
#5

01.02.2016, 16:46
as i know md5 isn't safe/secure?
EDIT: w/e i tested it..md5 works but if possible i want to try whirlpool as i think it is safer than md5
Find
Reply
« Next Oldest | Next Newest »


Forum Jump:


Users browsing this thread: 1 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help