Login

Darkay · 17.11.2017, 21:54

Hello guys, i have a little problem with the encrypt of password, if you login but you dont put your password right, you will spawn with the coordenate 0,0,0,0,0 health 0, etc.. its a little bug, but i don't know if i'm making it correctly, this is the code that i have... pd: is my GM since 0

Код:

//QueryFinish
forward OnQueryFinish(resultid, extraid, ConnectionHandle);
public OnQueryFinish(resultid, extraid, ConnectionHandle)
{
    new Rows, Field, content[20];
    if(resultid != 0)
    {
        cache_get_data(Rows, Field);
    }
    switch(resultid)
    {
        case 1:
        {
            if(Rows == 1)
            {
            }
            else if(!Rows)
            {
			   Kick(extraid);
            }
        }
        case 2:
        {
            if(Rows == 1)
			{
                cache_get_field_content(0, "id_account", content); gpi[extraid][id] = strval(content);
                cache_get_field_content(0, "taxi", content); gpi[extraid][CheckTaxi] = strval(content);
                new gquery[256];
    			format(gquery, sizeof(gquery), "SELECT `password` = SHA1('%s'), `email` = SHA1('%s') FROM `accounts` WHERE name='%s'",gpi[extraid][Password],gpi[extraid][email],gname(extraid));
    			mysql_function_query(gmysql, gquery, true, "", "",2, extraid);
                ShowPlayerDialog(extraid, login1, DIALOG_STYLE_INPUT,"Esta cuenta esta registrada", "Ingresa tu email:","Siguiente","Salir");
            }
            else if(!Rows)
			{
                ShowPlayerDialog(extraid, register1, DIALOG_STYLE_INPUT,"Esta cuenta no esta registrada","Ingresa un email (valido):","Siguiente","Salir");
            }
        }
    }
    return 1;
}

//DIALOG RESPONSE
public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[])
{
    new stringp[128], stringe[128];
    switch(dialogid)
    {
		case login1:
		{
		    if(!response) Kick(playerid);
            if(!strcmp(inputtext, gpi[playerid][email]))
            {
				return ShowPlayerDialog(playerid, login2, DIALOG_STYLE_PASSWORD, "[TNW] Loguear cuenta", "Ingrese su contraseсa:", "Entrar", "Salir");
            }
            else
            {
                SendClientMessage(playerid, -1, "[TNW] {D0FF00}Error: {FFFFFF}Email incorrecto, intentelo de nuevo.");
                ShowPlayerDialog(playerid, login1, DIALOG_STYLE_INPUT, "[Error] Email incorrecto", "Ingrese su email", "Siguiente", "Salir");
            }
        }
        case login2:
        {
            if(!response) Kick(playerid);
			if(!strcmp(inputtext, gpi[playerid][Password]))
			{
				OnPlayerLoad(playerid);
			}
			else
			{
			    SendClientMessage(playerid, -1, "[TNW] {D0FF00}Error: {FFFFFF}Contraseсa incorrecta, intentelo de nuevo.");
                ShowPlayerDialog(playerid, login2, DIALOG_STYLE_PASSWORD, "[Error] Contraseсa incorrecta", "Ingrese su contraseсa", "Siguiente", "Salir");
 			}
		}
        case register1:
        {
            if(!response) return Kick(playerid);
            if(strlen(inputtext) < 10)
            {
                SendClientMessage(playerid, -1, "[TNW] {D0FF00}Error: {FFFFFF}Por favor ingrese un email valido.");
                return ShowPlayerDialog(playerid, register1, DIALOG_STYLE_INPUT, "[Error] Verifique su email","Ingresa un email (valido):", "Siguiente", "Salir");
            }
            else
			{
				format(stringe, sizeof(stringe), "%s", inputtext); gpi[playerid][email] = stringe;
				return ShowPlayerDialog(playerid, register2, DIALOG_STYLE_INPUT, "[TNW] Registrando cuenta paso 2/3", "Ingrese una contraseсa para su cuenta:", "siguiente", "salir");
   			}
            
        }
        case register2:
        {
            if(!response) return Kick(playerid);
			if(strlen(inputtext) < 3)
			{
			    SendClientMessage(playerid, -1, "[TNW] {D0FF00}Error: {FFFFFF}Su contraseсa debe tener mбs de 3 caracteres.");
			    return ShowPlayerDialog(playerid, register2, DIALOG_STYLE_INPUT, "[Error] Verifique su contraseсa", "Ingrese una contraseсa para su cuenta:", "Siguiente", "Salir");
   			}
   			else
   			{
   			    format(stringp, sizeof(stringp), "%s", inputtext); gpi[playerid][Password] = stringp;
   			    return ShowPlayerDialog(playerid, register3, DIALOG_STYLE_LIST, "[TNW] Registrando cuenta paso 3/3", "\nHombre \nMujer ", "Siguiente", "Salir");
		    }
      	}
      	case register3:
      	{
      	    switch(listitem)
        	{
        	    case 0: gpi[playerid][gender] = 1;
        	    case 1: gpi[playerid][gender] = 2;
		 	}
		 	new gquery[256];
			format(gquery, sizeof(gquery), "INSERT INTO `accounts` (name, password, email) VALUES ('%s',SHA1('%s'), SHA1('%s'))",gname(playerid), gpi[playerid][Password],gpi[playerid][email]);
			mysql_function_query(gmysql, gquery, true, "OnAccountRegister", "ii", 0, playerid);
   		}
   	}
    return 1;
}

Swankeh · 18.11.2017, 01:39

Quote:

Originally Posted by Darkay

Hello guys, i have a little problem with the encrypt of password, if you login but you dont put your password right, you will spawn with the coordenate 0,0,0,0,0 health 0, etc.. its a little bug, but i don't know if i'm making it correctly, this is the code that i have... pd: is my GM since 0

Код:

//QueryFinish
forward OnQueryFinish(resultid, extraid, ConnectionHandle);
public OnQueryFinish(resultid, extraid, ConnectionHandle)
{
    new Rows, Field, content[20];
    if(resultid != 0)
    {
        cache_get_data(Rows, Field);
    }
    switch(resultid)
    {
        case 1:
        {
            if(Rows == 1)
            {
            }
            else if(!Rows)
            {
			   Kick(extraid);
            }
        }
        case 2:
        {
            if(Rows == 1)
			{
                cache_get_field_content(0, "id_account", content); gpi[extraid][id] = strval(content);
                cache_get_field_content(0, "taxi", content); gpi[extraid][CheckTaxi] = strval(content);
                new gquery[256];
    			format(gquery, sizeof(gquery), "SELECT `password` = SHA1('%s'), `email` = SHA1('%s') FROM `accounts` WHERE name='%s'",gpi[extraid][Password],gpi[extraid][email],gname(extraid));
    			mysql_function_query(gmysql, gquery, true, "", "",2, extraid);
                ShowPlayerDialog(extraid, login1, DIALOG_STYLE_INPUT,"Esta cuenta esta registrada", "Ingresa tu email:","Siguiente","Salir");
            }
            else if(!Rows)
			{
                ShowPlayerDialog(extraid, register1, DIALOG_STYLE_INPUT,"Esta cuenta no esta registrada","Ingresa un email (valido):","Siguiente","Salir");
            }
        }
    }
    return 1;
}

//DIALOG RESPONSE
public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[])
{
    new stringp[128], stringe[128];
    switch(dialogid)
    {
		case login1:
		{
		    if(!response) Kick(playerid);
            if(!strcmp(inputtext, gpi[playerid][email]))
            {
				return ShowPlayerDialog(playerid, login2, DIALOG_STYLE_PASSWORD, "[TNW] Loguear cuenta", "Ingrese su contraseсa:", "Entrar", "Salir");
            }
            else
            {
                SendClientMessage(playerid, -1, "[TNW] {D0FF00}Error: {FFFFFF}Email incorrecto, intentelo de nuevo.");
                ShowPlayerDialog(playerid, login1, DIALOG_STYLE_INPUT, "[Error] Email incorrecto", "Ingrese su email", "Siguiente", "Salir");
            }
        }
        case login2:
        {
            if(!response) Kick(playerid);
			if(!strcmp(inputtext, gpi[playerid][Password]))
			{
				OnPlayerLoad(playerid);
			}
			else
			{
			    SendClientMessage(playerid, -1, "[TNW] {D0FF00}Error: {FFFFFF}Contraseсa incorrecta, intentelo de nuevo.");
                ShowPlayerDialog(playerid, login2, DIALOG_STYLE_PASSWORD, "[Error] Contraseсa incorrecta", "Ingrese su contraseсa", "Siguiente", "Salir");
 			}
		}
        case register1:
        {
            if(!response) return Kick(playerid);
            if(strlen(inputtext) < 10)
            {
                SendClientMessage(playerid, -1, "[TNW] {D0FF00}Error: {FFFFFF}Por favor ingrese un email valido.");
                return ShowPlayerDialog(playerid, register1, DIALOG_STYLE_INPUT, "[Error] Verifique su email","Ingresa un email (valido):", "Siguiente", "Salir");
            }
            else
			{
				format(stringe, sizeof(stringe), "%s", inputtext); gpi[playerid][email] = stringe;
				return ShowPlayerDialog(playerid, register2, DIALOG_STYLE_INPUT, "[TNW] Registrando cuenta paso 2/3", "Ingrese una contraseсa para su cuenta:", "siguiente", "salir");
   			}
            
        }
        case register2:
        {
            if(!response) return Kick(playerid);
			if(strlen(inputtext) < 3)
			{
			    SendClientMessage(playerid, -1, "[TNW] {D0FF00}Error: {FFFFFF}Su contraseсa debe tener mбs de 3 caracteres.");
			    return ShowPlayerDialog(playerid, register2, DIALOG_STYLE_INPUT, "[Error] Verifique su contraseсa", "Ingrese una contraseсa para su cuenta:", "Siguiente", "Salir");
   			}
   			else
   			{
   			    format(stringp, sizeof(stringp), "%s", inputtext); gpi[playerid][Password] = stringp;
   			    return ShowPlayerDialog(playerid, register3, DIALOG_STYLE_LIST, "[TNW] Registrando cuenta paso 3/3", "\nHombre \nMujer ", "Siguiente", "Salir");
		    }
      	}
      	case register3:
      	{
      	    switch(listitem)
        	{
        	    case 0: gpi[playerid][gender] = 1;
        	    case 1: gpi[playerid][gender] = 2;
		 	}
		 	new gquery[256];
			format(gquery, sizeof(gquery), "INSERT INTO `accounts` (name, password, email) VALUES ('%s',SHA1('%s'), SHA1('%s'))",gname(playerid), gpi[playerid][Password],gpi[playerid][email]);
			mysql_function_query(gmysql, gquery, true, "OnAccountRegister", "ii", 0, playerid);
   		}
   	}
    return 1;
}

I recommend you to see this tutorial to start using MYSQL and create your registration system, and after you analyze and understand you can add the electronic mail system and things like that.

https://sampforum.blast.hk/showthread.php?tid=627520

Apart from that the function that you use to encrypt the passwords I do not recommend it for SAMP, you can use https://sampwiki.blast.hk/wiki/SHA256_PassHash and if you want you can read it with SHA256_PassHash (inputtext, salt, stored_variable, 65);
In this tutorial he explains very well and encrypts it with SALT by password.

Since what I imagine that you are reading when checking if the account exists would be something like this: 4f474f1cddd848b0e1dcec56650477ce656ff403e44940151e 78b847ebbb51c7609f210fdf61c672d5df4ed55883aa91fd44 fb875875857a10122d3c94acda0c

Then at the moment of reading the password and storing it in the variable, the dialog would verify if the user wrote:
4f474f1cddd848b0e1dcec56650477ce656ff403e44940151e 78b847ebbb51c7609f210fdf61c672d5df4ed55883aa91fd44 fb875875857a10122d3c94acda0c
And I would not verify the actual password without encrypting.

wallee · 18.11.2017, 01:41

Replace this:

Код:

if(!strcmp(inputtext, gpi[playerid][Password]))

With this:

Код:

if(!strcmp(inputtext, gpi[playerid][Password]) && !isnull(inputtext))

Darkay · 11.12.2017, 14:16

now... i can't fix it...

Код:

case login1:
		{
		    if(!response) Kick(playerid);
		    new Salted_Key[65];
			SHA256_PassHash(inputtext, gpi[playerid][Salt], Salted_Key, 65);
			if(strcmp(Salted_Key, gpi[playerid][email]) == 0 || !IsNull(inputtext))
			{
				return ShowPlayerDialog(playerid, login2, DIALOG_STYLE_PASSWORD, "[TNW] Loguear cuenta", "Ingrese su contraseсa:", "Entrar", "Salir");
            }
            else
            {
                SendClientMessage(playerid, -1, "[TNW] {D0FF00}Error: {FFFFFF}Email incorrecto, intentelo de nuevo.");
                ShowPlayerDialog(playerid, login1, DIALOG_STYLE_INPUT, "[Error] Email incorrecto", "Ingrese su email", "Siguiente", "Salir");
            }
        }
        case login2:
        {
            if(!response) Kick(playerid);
            new Salted_Key[65];
			SHA256_PassHash(inputtext, gpi[playerid][Salt], Salted_Key, 65);
			if(strcmp(Salted_Key, gpi[playerid][Password]) == 0 || !IsNull(inputtext))
			{
			    new gquery[260];
				format(gquery, sizeof(gquery), "SELECT * FROM `users` WHERE `account_id`='%d'",gpi[playerid][id]);
				mysql_function_query(gconection, gquery, true, "MysqlPlayerLoad", "i", playerid);
				format(gquery, sizeof(gquery), "SELECT * FROM `jobs` WHERE `account_id`='%d'",gpi[playerid][id]);
				mysql_function_query(gconection, gquery, true, "MysqlJobsLoad", "i", playerid);
				format(gquery, sizeof(gquery), "SELECT * FROM `cars` WHERE `account_id`='%d'",gpi[playerid][id]);
				mysql_function_query(gconection, gquery, true, "MysqlCarsLoad", "i", playerid);
			}
			else
			{
			    SendClientMessage(playerid, -1, "[TNW] {D0FF00}Error: {FFFFFF}Contraseсa incorrecta, intentelo de nuevo.");
                ShowPlayerDialog(playerid, login2, DIALOG_STYLE_PASSWORD, "[Error] Contraseсa incorrecta", "Ingrese su contraseсa", "Siguiente", "Salir");
 			}
		}

Код:

if(rows == 1)
            {
                cache_get_field_content(0, "id_account", content); gpi[playerid][id] = strval(content);
                cache_get_field_content(0, "taxig", content); gpi[playerid][gtaxi] = strval(content);
                cache_get_field_content(0, "password", gpi[playerid][Password]);
                cache_get_field_content(0, "email", gpi[playerid][email]);
				ShowPlayerDialog(playerid, login1, DIALOG_STYLE_INPUT,"Esta cuenta esta registrada", "Ingresa tu email:","Siguiente","Salir");
            }
            else if(!rows)
            {
                ShowPlayerDialog(playerid, register1, DIALOG_STYLE_INPUT,"Esta cuenta no esta registrada","Ingresa un email (valido):","Siguiente","Salir");
            }

RIDE2DAY · 11.12.2017, 14:21

Dude, why did you change the logical operator by ||? wallee told you what you must use.

On the other hand, that script really sucks, it doesn't make sense at all. Why are you using OnQueryFinish? Use threaded queries with their own callback.

Darkay · 11.12.2017, 14:36

i am no t using queryfinish

RIDE2DAY · 11.12.2017, 14:47

Quote:

Originally Posted by Darkay

i am no t using queryfinish

Of course, that's why the code of your first post begins with it.

As that guy said above, you better follow a tutorial.

Darkay · 11.12.2017, 14:49

i change it, i created a new system using mysql r7 but i did not use OnQueryFinish

Darkay · 11.12.2017, 14:57

i did change it

Код:

 case login1:
		{
		    if(!response) Kick(playerid);
		    new Salted_Key[65];
			SHA256_PassHash(inputtext, gpi[playerid][Salt], Salted_Key, 65);
			if(strcmp(Salted_Key, gpi[playerid][email]) == 0 && !IsNull(inputtext))
			{
				return ShowPlayerDialog(playerid, login2, DIALOG_STYLE_PASSWORD, "[TNW] Loguear cuenta", "Ingrese su contraseсa:", "Entrar", "Salir");
            }
            else
            {
                SendClientMessage(playerid, -1, "[TNW] {D0FF00}Error: {FFFFFF}Email incorrecto, intentelo de nuevo.");
                ShowPlayerDialog(playerid, login1, DIALOG_STYLE_INPUT, "[Error] Email incorrecto", "Ingrese su email", "Siguiente", "Salir");
            }
        }

but the email is incorrectly always really i don't know so much of mysql but i wanna create a server and learn about it, please if you can fix my code i would thank you please :c

Login
Username:
Password:	Lost Password?
	Remember me