[Tutorial] Easy MySQL Register/Login system!
#41

1. NEVER save passwords as plain text, never. Hash it (I'd recommend Whirlpool or SHA2) and salt it (prevents dictionary attacks).
Storing the password as text is a major security threat. If the database is ever compromised, the hacker will get the password immediately.

2. Add `id` field to the table (primary index, auto increment, unsigned integer)
This makes it easier and more efficient to deal with the accounts.

3. You should utilize the great caching functionality of the MySQL plugin. Fetching data is much more efficient using the cache.

4. Consider using ZCMD or YCMD instead OF DCMD, they are both faster than DCMD.

Quote:
Originally Posted by [HiC]TheKiller
View Post
1. Instead of using a enum just use PVars for all of them.
I would recommend this only if you might need to access the data for example from filterscripts as well. https://sampforum.blast.hk/showthread.php?tid=268499
Reply
#42

Thank ya!
Reply
#43

PHP Code:
C:\Documents and Settings\Mostafa\Desktop\Server\gamemodes\UACNR.pwn(344) : error 017undefined symbol "mysql_query"
C:\Documents and Settings\Mostafa\Desktop\Server\gamemodes\UACNR.pwn(396) : error 017undefined symbol "mysql_query"
C:\Documents and Settings\Mostafa\Desktop\Server\gamemodes\UACNR.pwn(420) : error 017undefined symbol "mysql_query"
C:\Documents and Settings\Mostafa\Desktop\Server\gamemodes\UACNR.pwn(460) : error 017undefined symbol "mysql_query" 
Help ?
Reply
#44

Code:
////////////////////////////////////////////////////////////////////////////////
#include <a_samp>
#include <a_mysql>
////////////////////////////////////////////////////////////////////////////////
#define MYSQL_HOST	"ip"
#define MYSQL_USER	"username"
#define MYSQL_DB	"database"
#define MYSQL_PASS 	"password"
////////////////////////////////////////////////////////////////////////////////
#define COLOR_RED 0x00FFFF
#define COLOR_YELLOW 0xFFFFFF
////////////////////////////////////////////////////////////////////////////////
#define MAX_PLAYER_PASSWORD 24
////////////////////////////////////////////////////////////////////////////////
#define LOGIN_DIALOG 1
#define REGISTER_DIALOG 2
////////////////////////////////////////////////////////////////////////////////

////////////////////////////////////////////////////////////////////////////////
enum PlayerInfo_t
{
	Name[MAX_PLAYER_NAME],
	Password[MAX_PLAYER_PASSWORD],
	Money,
	Score,
	Admin,
	LoggedIn,
	AccountExists,
	
}
////////////////////////////////////////////////////////////////////////////////
new PlayerInfo[MAX_PLAYERS][PlayerInfo_t];
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
//(Created by Westie)
explode(const sSource[], aExplode[][], const sDelimiter[] = " ", iVertices = sizeof aExplode, iLength = sizeof aExplode[]) // Created by Westie
{
	new
		iNode,
		iPointer,
		iPrevious = -1,
		iDelimiter = strlen(sDelimiter);

	while(iNode < iVertices)
	{
		iPointer = strfind(sSource, sDelimiter, false, iPointer);

		if(iPointer == -1)
		{
			strmid(aExplode[iNode], sSource, iPrevious, strlen(sSource), iLength);
			break;
		}
		else
		{
			strmid(aExplode[iNode], sSource, iPrevious, iPointer, iLength);
		}

		iPrevious = (iPointer += iDelimiter);
		++iNode;
	}
	return iPrevious;
}
////////////////////////////////////////////////////////////////////////////////
CheckAccountExists(account[])
{
	new string[128];
    	format(string, sizeof(string), "SELECT * FROM Users WHERE Name = '%s'", account);
    	mysql_query(string);

	mysql_store_result();

	new value;
	value = mysql_num_rows();
	mysql_free_result();
	return value;
}
////////////////////////////////////////////////////////////////////////////////
ConnectMySQL()
{
	if(mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_DB, MYSQL_PASS))
	    print("[SERVER-XA][MySQL] Connection to the MySQL Database was successfully!");

	else
	    print("[SERVER-XA][MySQL] Could not connect to the MySQL Database!");
}
CheckMySQL()
{
	if(mysql_ping() == -1)
		mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_DB, MYSQL_PASS);
}
////////////////////////////////////////////////////////////////////////////////
RegisterPlayer(playerid, password[])
{
	if(PlayerInfo[playerid][AccountExists])
		return SendClientMessage(playerid, COLOR_RED, "[SERVER-XA][ACCOUNT] >>You're already registered!");

 	if(PlayerInfo[playerid][LoggedIn])
		return SendClientMessage(playerid, COLOR_RED, "[SERVER-XA][ACCOUNT] >>You're already logged in!");

	if(strlen(password) < 3 || strlen(password) >= 32)
		return SendClientMessage(playerid, COLOR_RED, "[SERVER-XA][ACCOUNT] >>Your password is too short or too long!");

	CheckMySQL();

	new string[128];
	format(string, sizeof(string), "INSERT INTO Users (Name,Password) VALUES ('%s','%s')", PlayerInfo[playerid][ Name], password);
	mysql_query(string);

    	PlayerInfo[playerid][AccountExists] = 1;
	SendClientMessage(playerid, COLOR_YELLOW, "[SERVER-XA][ACCOUNT] >>Your account has been created, please login now!");

	LoginPlayer(playerid, password);
	return 1;
}

LoginPlayer(playerid, password[])
{
	if(!PlayerInfo[playerid][AccountExists])
		return SendClientMessage(playerid, COLOR_RED, "[SERVER-XA][ACCOUNT] >>You're not registered!");

	if(PlayerInfo[playerid][LoggedIn])
	    	return SendClientMessage(playerid, COLOR_RED, "[SERVER-XA][ACCOUNT] >>You're already logged in!");

 	if(strlen(password) < 3 || strlen(password) >= 32)
	    	return SendClientMessage(playerid, COLOR_RED, "[SERVER-XA][ACCOUNT] >>Your password is too short or too long!");

	CheckMySQL();

    	new string[128];
	format(string, sizeof(string), "SELECT * FROM Users WHERE Name = '%s' AND Password = '%s'", PlayerInfo[playerid][Name], password);
	mysql_query(string);
	mysql_store_result();

	if(!mysql_num_rows())
		return SendClientMessage(playerid, COLOR_RED, "[SERVER-XA][ACCOUNT] >>Incorrect password!");

	new row[128];
	new field[4][32]; 

	mysql_fetch_row_format(row, "|");
	explode(row, field, "|");
	mysql_free_result();

	format(PlayerInfo[playerid][Password], 32, "%s", field[1]);
 	PlayerInfo[playerid][Admin] = strval(field[2]);
 	PlayerInfo[playerid][Money] = strval(field[3]);

 	GivePlayerMoney(playerid,PlayerInfo[playerid][Money]);


	format(string, sizeof(string), "Welcome back %s, XATTACK!",PlayerInfo[playerid][Name]);
    	SendClientMessage(playerid, COLOR_YELLOW, string);

    	PlayerInfo[playerid][LoggedIn] = 1;
    	return 1;
}

SavePlayer(playerid)
{
	if(!PlayerInfo[playerid][LoggedIn])
		return 0;

	PlayerInfo[playerid][Money] = GetPlayerMoney(playerid);


	CheckMySQL();

    	new string[256];
    	format(string, sizeof(string), "UPDATE Users SET Password='%s',Admin='%d',Money='%d' WHERE Name='%s'",PlayerInfo[playerid][Password], PlayerInfo[playerid][Admin], PlayerInfo[playerid][Money], PlayerInfo[playerid][Name]);
    	mysql_query(string);
    	return 1;
}
////////////////////////////////////////////////////////////////////////////////
main()
{
	print("\n----------------------------------");
	print(" XAttack Gamemode Running.........");
	print("----------------------------------\n");
}
////////////////////////////////////////////////////////////////////////////////
public OnGameModeInit()
{
	SetGameModeText("LTX XAttack");
	AddPlayerClass(0, 1958.3783, 1343.1572, 15.3746, 269.1425, 0, 0, 0, 0, 0, 0);
	
	ConnectMySQL();
	return 1;
}
public OnGameModeExit()
{
	return 1;
}
////////////////////////////////////////////////////////////////////////////////

public OnPlayerRequestClass(playerid, classid)
{
	SetPlayerPos(playerid, 1958.3783, 1343.1572, 15.3746);
	SetPlayerCameraPos(playerid, 1958.3783, 1343.1572, 15.3746);
	SetPlayerCameraLookAt(playerid, 1958.3783, 1343.1572, 15.3746);
	return 1;
}

public OnPlayerConnect(playerid)
{
    GetPlayerName(playerid, PlayerInfo[playerid][Name], MAX_PLAYER_NAME);

	if(CheckAccountExists(PlayerInfo[playerid][Name]))
	{
		 PlayerInfo[playerid][AccountExists] = 1;
		 ShowPlayerDialog(playerid, LOGIN_DIALOG,DIALOG_STYLE_PASSWORD, "Login", "Enter your password to login.If you are a new user, this username is currently in use, please choose another username and restart the game.", "Login", "");
 	}
	else
	{
		PlayerInfo[playerid][AccountExists] = 0;
		ShowPlayerDialog(playerid, LOGIN_DIALOG,DIALOG_STYLE_PASSWORD, "Register", "This account is not registerd.Enter a password to register this account.", "Register", "");
  	}
	return 1;
}

public OnPlayerDisconnect(playerid, reason)
{
    SavePlayer(playerid);

	PlayerInfo[playerid][Admin] = 0;
	PlayerInfo[playerid][Money] = 0;
	return 1;
}
I get these errors
F:\SAMP\gamemodes\XAMode.pwn(81) : warning 217: loose indentation
F:\SAMP\gamemodes\XAMode.pwn(82) : error 017: undefined symbol "mysql_query"
F:\SAMP\gamemodes\XAMode.pwn(84) : warning 217: loose indentation
F:\SAMP\gamemodes\XAMode.pwn(121) : error 017: undefined symbol "mysql_query"
F:\SAMP\gamemodes\XAMode.pwn(123) : warning 217: loose indentation
F:\SAMP\gamemodes\XAMode.pwn(124) : warning 217: loose indentation
F:\SAMP\gamemodes\XAMode.pwn(143) : warning 217: loose indentation
F:\SAMP\gamemodes\XAMode.pwn(144) : warning 217: loose indentation
F:\SAMP\gamemodes\XAMode.pwn(145) : error 017: undefined symbol "mysql_query"
F:\SAMP\gamemodes\XAMode.pwn(166) : warning 217: loose indentation
F:\SAMP\gamemodes\XAMode.pwn(182) : warning 217: loose indentation
F:\SAMP\gamemodes\XAMode.pwn(184) : error 017: undefined symbol "mysql_query"
Pawn compiler 3.2.3664 Copyright © 1997-2006, ITB CompuPhase


4 Errors.
Reply
#45

You forgot this...

Code:
stock GetName(playerid)
{
    new ime[MAX_PLAYER_NAME];
    GetPlayerName(playerid,ime,sizeof(ime));
    return ime;
}
Reply
#46

Hi my PAWN bro! I have one problem with 'mysql_query', yes I have update the include 'a_mysql.inc' and I have some errors:
Quote:

C:\Users\xxx\Desktop\0.3x\gamemodes\mytest.pwn(268 ) : error 017: undefined symbol "mysql_query"
C:\Users\xxx\Desktop\0.3x\gamemodes\mytest.pwn(292 ) : error 017: undefined symbol "mysql_query"
C:\Users\xxx\Desktop\0.3x\gamemodes\mytest.pwn(316 ) : error 017: undefined symbol "mysql_query"
C:\Users\xxx\Desktop\0.3x\gamemodes\mytest.pwn(356 ) : error 017: undefined symbol "mysql_query"

What's bad?
Reply
#47

This thread's bad because it is outdated. "mysql_query" has since long been removed from the plugin.
Reply
#48

Sorry but I have lot of error

C:\Users\thomas\Desktop\alieni\gamemodes\Alieni neutre.pwn(424) : error 017: undefined symbol "dcmd_register"
C:\Users\thomas\Desktop\alieni\gamemodes\Alieni neutre.pwn(425) : error 017: undefined symbol "dcmd_login"
C:\Users\thomas\Desktop\alieni\gamemodes\Alieni neutre.pwn(429) : warning 225: unreachable code
C:\Users\thomas\Desktop\alieni\gamemodes\Alieni neutre.pwn(429) : error 017: undefined symbol "dcmd_register"
C:\Users\thomas\Desktop\alieni\gamemodes\Alieni neutre.pwn(431) : error 017: undefined symbol "params"
C:\Users\thomas\Desktop\alieni\gamemodes\Alieni neutre.pwn(435) : warning 225: unreachable code
C:\Users\thomas\Desktop\alieni\gamemodes\Alieni neutre.pwn(435) : error 017: undefined symbol "dcmd_login"
C:\Users\thomas\Desktop\alieni\gamemodes\Alieni neutre.pwn(437) : error 017: undefined symbol "params"
C:\Users\thomas\Desktop\alieni\gamemodes\Alieni neutre.pwn(440) : warning 225: unreachable code
Pawn compiler 3.2.3664 Copyright © 1997-2006, ITB CompuPhase

Can you help me please
Reply
#49

dont work
Reply
#50

Which version of MySQL is used here?
Reply
#51

error 017: undefined symbol "MYSQL_HOST" HELP ME

mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_DB, MYSQL_PASS);
Reply
#52

This tutorial is outdated.
That error line is self explanotary.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)