1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help

Linear Mode
[HELP]MySQL md5/Whirpool hash(setting)
erorche
Big Clucker
***
Posts: 72
Threads: 34
Joined: Jan 2013
Reputation: 0
#1

30.11.2013, 14:56
Hello,dear scripters i'v found some bugs of my gamemode(luckely)the login/registering system...my system is MySQL and i'm afraid hosting it without Whirpool or md5 or SHA1 becouse isn't safe for my players they could get hack and i will lose my players...can somebody install md5,sha1 or whirpool on the scripts? please and one quiestion,is possible to get hacked without whirpool,md5,sha1 ?

CODES:

pawn Код:
public OnPlayerRegister(playerid, password[])
{
    if(IsPlayerConnected(playerid))
    {
        new string[128];
        new pName[MAX_PLAYER_NAME];
        pName = PlayerName(playerid);
        if(AccountExists(pName))
        {
            SendClientMessage(playerid, COLOR_WHITE, "ERROR! Your account exists! Please reconnect, if this repeats contact administrators on forums!");
            Kick(playerid);
            return 1;
        }
        new Escape[2][128];
        mysql_real_escape_string(pName, Escape[0]); // This function makes sure you don't get MySQL injected. Read about it by searching it on ******.
        SaveToMysql(password);
        mysql_real_escape_string(password, Escape[1]);
        format(string, 128, "INSERT INTO players (`Name`, `Key`) VALUES('%s', '%s')", Escape[0], Escape[1]);
        mysql_query_ex(string);
        gPlayerAccount[playerid] = 1;
        JustReg[playerid] = 1;
        OnPlayerDataSave(playerid);
    }
    return 1;
}
public OnPlayerLogin(playerid,password[])
{
    SendClientMessage(playerid, COLOR_WHITE, "Logging you in.");
    new string2[128], string[1024], pName[MAX_PLAYER_NAME], Escape[2][128], result[128];//keystring[256],
    pName = PlayerName(playerid);
    mysql_real_escape_string(pName, Escape[0]);
    SaveToMysql(password);
    mysql_real_escape_string(password, Escape[1]);
    format(string, sizeof(string), "SELECT * FROM players WHERE `Name`='%s' AND `Key`='%s'",Escape[0],Escape[1]);
    mysql_query_ex(string);
    mysql_store_result();
    SendClientMessage(playerid, COLOR_WHITE, "Checking your password...");
    if(mysql_num_rows() == 0)
    {
        mysql_free_result();
        SendClientMessage(playerid, COLOR_RED, "Your password is wrong!");
        ShowPlayerDialog(playerid, LOGIN_DIALOG, 1, "{3399CC}Information", "{FFFFFF}You have an account here, please type below your password to login.", "Login", "Quit");
        WrongPass[playerid]++;
        if(WrongPass[playerid]>6)
        {
            Kick(playerid);
        }
        return 1;
    }
Find
Reply
« Next Oldest | Next Newest »


Messages In This Thread
[HELP]MySQL md5/Whirpool hash(setting) - by erorche - 30.11.2013, 14:56
Re: [HELP]MySQL md5/Whirpool hash(setting) - by knackworst - 30.11.2013, 15:10
Re: [HELP]MySQL md5/Whirpool hash(setting) - by dominik523 - 30.11.2013, 15:18
Re: [HELP]MySQL md5/Whirpool hash(setting) - by erorche - 30.11.2013, 15:27
Re: [HELP]MySQL md5/Whirpool hash(setting) - by dominik523 - 30.11.2013, 16:12
Re: [HELP]MySQL md5/Whirpool hash(setting) - by erorche - 30.11.2013, 16:17
Re: [HELP]MySQL md5/Whirpool hash(setting) - by dominik523 - 30.11.2013, 16:21
Re: [HELP]MySQL md5/Whirpool hash(setting) - by erorche - 30.11.2013, 16:23
Re: [HELP]MySQL md5/Whirpool hash(setting) - by dominik523 - 30.11.2013, 17:03

Forum Jump:


Users browsing this thread: 3 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help