01.09.2015, 10:26
Hello, i've been working on the register and login system of a new project!
But i have a problem with password hashing, I am using Whirlpool hashing function, but the problem is that when the player registers there is nothing in the "Password" field it's blank, so people can login with random passwords on the account
Here's a picture:
and here is my code
Hope you can help me out with this one, i've been trying to fix this for some hours already and still can't figure out the problem!
Thank You for reading!
But i have a problem with password hashing, I am using Whirlpool hashing function, but the problem is that when the player registers there is nothing in the "Password" field it's blank, so people can login with random passwords on the account
Here's a picture:
and here is my code
PHP код:
// Includes
#include <a_samp>
#include <a_mysql>
// Native WP_Hash On top of the script
native WP_Hash(buffer[], len, const str[]);
// mysql defines
#define mysql_host "localhost"
#define mysql_user "root"
#define mysql_password ""
#define mysql_database "sfrp"
// Dialogs defines
#define RegDialog 0
#define LoginDialog 1
// playerdata
enum playerInfo
{
Password[129],
skin,
db_id
}
new pInfo[MAX_PLAYERS][playerInfo];
// forwards
forward CheckUser(playerid);
forward CheckPassword(playerid);
// mysql variable
new dbhandle;
// OnGameModeInit
dbhandle = mysql_connect(mysql_host, mysql_user, mysql_database, mysql_password);
if(mysql_errno() != 0)
{
printf("[MySQL] Failed to connect.");
}
else
{
printf("[MySQL] Succesfully connected.");
}
// OnGameModeExit
mysql_close(dbhandle);
// OnPlayerConnect
new query[128];
mysql_format(dbhandle, query, sizeof(query), "SELECT `Password`, `ID` FROM `users` WHERE `Username` = '%e' LIMIT 1", PlayerName(playerid));
mysql_tquery(dbhandle, query, "CheckUser", "i", playerid);
// OnPlayerDisconnect
// SavePlayerStats
SavePlayerStats(playerid);
ResetPlayerStats(playerid);
public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[])
{
/***************
Login Dialog
****************/
if(dialogid == LoginDialog)
{
if(response)
{
if (strlen(inputtext) > 0)
{
new hashpass[129], query[128];
WP_Hash(hashpass, sizeof(hashpass), inputtext);
if(!strcmp(hashpass, pInfo[playerid][Password]))
{
mysql_format(dbhandle, query, sizeof(query), "SELECT * FROM `users` WHERE `Username` = '%e' LIMIT 1", PlayerName(playerid));
mysql_tquery(dbhandle, query, "CheckPassword", "i", playerid);
}
}
else
{
new string[159 + MAX_PLAYER_NAME];
format(string, sizeof(string),"Hello %s, Welcome to San Fierro Roleplay.\n\nAccount status: {00FF00}Registered.\n\n{FF0000}You must type the password related to this account to login.", PlayerName(playerid));
ShowPlayerDialog(playerid, LoginDialog, DIALOG_STYLE_PASSWORD, "{00FF00}Account found - Logging in...", string, "Login", "Cancel");
}
}
else
{
Kick(playerid);
}
return 1;
}
/***************
Register Dialog
****************/
if(dialogid == RegDialog)
{
if(response)
{
if (strlen(inputtext) > 0)
{
new query[128];
WP_Hash(pInfo[playerid][Password], 129, inputtext);
mysql_format(dbhandle, query, sizeof(query), "INSERT INTO `users` (`Username`, `Password`) VALUES ('%e', '%e')", PlayerName(playerid), pInfo[playerid][Password]);
mysql_tquery(dbhandle, query, "", "");
}
else
{
new string[145 + MAX_PLAYER_NAME];
format(string, sizeof(string), "Hello %s, Welcome to San Fierro Roleplay.\n\nAccount status: {FF0000}Unregistered.\n\nYou must create a password below to register this account.", PlayerName(playerid));
ShowPlayerDialog(playerid, RegDialog, DIALOG_STYLE_INPUT, "{FF0000}Account not found - Registering...", string, "Register", "Cancel");
}
}
else
{
Kick(playerid);
}
return 1;
}
return 1;
}
// Functions
SavePlayerStats(playerid)
{
new query[128];
mysql_format(dbhandle, query, sizeof(query), "UPDATE `users` SET `Skin` = %i WHERE `ID` = %i", GetPlayerSkin(playerid), pInfo[playerid][db_id]);
mysql_tquery(dbhandle, query, "", "");
return 1;
}
ResetPlayerStats(playerid)
{
for (new i=0; i< sizeof(pInfo[]); i++)
{
pInfo[playerid][playerInfo:i] = 0;
}
return 1;
}
// Callbacks
public CheckUser(playerid)
{
new rows, fields;
cache_get_data(rows, fields, dbhandle);
if (rows == 0)
{
new string[152 + MAX_PLAYER_NAME];
format(string, sizeof(string), "Hello %s, Welcome to San Fierro Roleplay.\n\nAccount status: {FF0000}Unregistered.\n\n{9AB3D0}Create a password below to register this account.", PlayerName(playerid));
ShowPlayerDialog(playerid, RegDialog, DIALOG_STYLE_INPUT, "{FF0000}Account not found - Registering...", string, "Register", "Cancel");
}
else
{
new string[152 + MAX_PLAYER_NAME];
cache_get_field_content(0, "Password", pInfo[playerid][Password], dbhandle, 129);
pInfo[playerid][db_id] = cache_get_field_content_int(0, "ID");
format(string, sizeof(string), "Hello %s, Welcome to San Fierro Roleplay.\n\nAccount status: {00FF00}Registered.\n\n{9AB3D0}Type the password related to this account to login.", PlayerName(playerid));
ShowPlayerDialog(playerid, LoginDialog, DIALOG_STYLE_PASSWORD, "{00FF00}Account found - Logging in...", string, "Login", "Cancel");
}
return 1;
}
public CheckPassword(playerid)
{
pInfo[playerid][skin] = cache_get_field_content_int(0, "Skin");
return 1;
}
Thank You for reading!
