22.11.2014, 22:19
See how I utilize my password changing in MySQL(Xenon Gaming),
Basically, - hash the old password, and compare it to the one currently stored. If it matches, then proceed and hash the new one, - placing it into the database. I use whirlpool, how-ever you can replace it to suit your needs.
pawn Код:
if(dialogid == DIALOG_CONFIRM_PASS)
{
if(!response) return 1;
if(!strcmp(PasswordHash(inputtext), pInfo[playerid][pPass], false))
{
ShowPlayerDialog(playerid, DIALOG_CHANGE_PASSWORD, DIALOG_STYLE_INPUT, "New Password", "Please enter your new password.", "Change Pass", "Cancel");
SetPVarInt(playerid, "pConfirmedPW", 1);
return 1;
} else {
SendClientMessage(playerid, COLOR_WHITE, "Invalid password! Please try again.");
return 1;
}
}
if(dialogid == DIALOG_CHANGE_PASSWORD)
{
if(!response) return 1;
//if(GetPVarInt(playerid, "pConfirmPW") != 1) return 1; // They shouldn't be here then!
if(pInfo[playerid][pAdmin] > 0 && pInfo[playerid][pAdmin] < 7) return 1; // Admins can't change their own password without the help of a level 7 admin!
if(strlen(inputtext) < 6 || strlen(inputtext) > 129)
{
SendClientMessage(playerid, COLOR_WHITE, "Your password must be longer than 6 characters, and shorter than 129.");
DeletePVar(playerid, "pConfirmPW");
return 1;
}
else {
new newpassword[129];
format(newpassword, 129, "%s", PasswordHash(inputtext));
format(pInfo[playerid][pPass], 129, "%s", newpassword);
mysql_format(MySQLCon, query, sizeof(query), "UPDATE `players` SET `Pass`='%s' WHERE`ID`=%d AND `user`='%e'",
newpassword,
pInfo[playerid][pID],
PlayerName(playerid));
mysql_tquery(MySQLCon, query, "", "");
SendClientMessage(playerid, COLOR_WHITE, "Your password has been changed. Please relog to confirm changes.");
SetTimerEx("KickPlayer", 1000, false, "i", playerid);
new string[300];
format(string, sizeof(string), "[WARNING]: %s has changed their password(IP: %s - ID: %d)", GetName(playerid), PlayerIP(playerid), playerid);
print(string);
print(query);
}
}