[Bakr]

Quote:

Originally Posted by Gh0sT_ 1. 16 bit for admin level? O_O 2. Why you're checking is player connected? There's no point I think

1. Some people like to use ridiculous admin levels like 1337, or what have you.
2. He uses them in stand-alone functions, which the user could use at any other time in the script. Better safe than sorry.

@Cowboy:
You don't want to open the database each time the player types a command to check if they're allowed to use it. The less interference with the database the best. Just retrieve that information when they login and store it into variables, which is already done in this tutorial. To add a statement and check if the player can use the command, just use:

pawn Code:

if( Bit16_Get( g_AdminLevel, playerid ) > 0 )

As for understand what the 30 was in the line of code; it's used to specify the max length of the result to where you store the result of the query to. The variable to store the data he created was 30 cells, so he used 30 in that case (you could use sizeof( variable) as well).

[Cowboy]

But I use enums, I don't want to use rBits, how would I store the adminlevel in a variable till they quit?

Also, what about the error I've got?

Thanks for the other information.

[AndreT]

This is basically what the code does right now:
1. Get the player's name
2. Format query
3. Get the player's name
4. Format message

It would be the best to avoid functions like that. Get the name once, use GetPlayerName in the same scope. And I don't think those connection checks are necessary there as the callbacks OnPlayerConnect, OnDialogResponse won't call if the player isn't connected.

[Lorenc_]

Quote:

Originally Posted by Gh0sT_ 1. 16 bit for admin level? O_O 2. Why you're checking is player connected? There's no point I think

At some points. When I script something big, something will bug up. So to double check I decided to insert that code.

@AndreT

What do you mean?

The returnplayernames doing something? Baah, can't you just do that yourself? remove some pieces of code. I ain't editing the whole thread to fix the getplayername things, it should work fine.

[XFlawless]

Good tutorial but this is exploitable by SQL Injections. It's better if you escape the input string using this.

[Lorenc_]

Quote:

Originally Posted by XFlawless Good tutorial but this is exploitable by SQL Injections. It's better if you escape the input string using this.

Will do thanks, I'll redo some things with that function

[AndreT]

Quote:

Originally Posted by Lorenc_ @AndreT What do you mean? The returnplayernames doing something? Baah, can't you just do that yourself? remove some pieces of code. I ain't editing the whole thread to fix the getplayername things, it should work fine.

What I meant was that even though the speed difference isn't noticeable in any case, it would make more sense to get the name only once during the process. I'm not saying that to bitch about efficiency or speed, I'm just hoping that coders who learn from tutorials do not get used to having useless wrapper functions like you have shown them. I'm not trying to offend you or anything though.

[vIBIENNYx]

Hey, I have encountered a small problem, even though I have downloaded rBits.inc and placed it in the "Include" folder I receive and error stating it cannot find / read it..

Can you help me please?

[Lorenc_]

Quote:

Originally Posted by AndreT What I meant was that even though the speed difference isn't noticeable in any case, it would make more sense to get the name only once during the process. I'm not saying that to bitch about efficiency or speed, I'm just hoping that coders who learn from tutorials do not get used to having useless wrapper functions like you have shown them. I'm not trying to offend you or anything though.

It's okay, though I don't see whats the point of going through the whole process of just replacing ReturnPlayerName, but what ever you say. I'll be replacing it in the next version along with using DB_Escape to exit exploits. The estimated time when this'll come is unknown due to me being quite busy at the moment.

EDIT: I've now updated the tutorial [ Version: 1.5 ]

Quote:

Originally Posted by vIBIENNYx Hey, I have encountered a small problem, even though I have downloaded rBits.inc and placed it in the "Include" folder I receive and error stating it cannot find / read it.. Can you help me please?

Replace your rBits include with:

pawn Code:

/*
    SA-MP "rBits" Include
    Copyright © 2011 RyDeR`
*/

#if defined _Included_rBits
    #endinput
#endif

#define _Included_rBits

#define BIT_TAGS \
    { Bit1, Bit2, Bit4, Bit8, Bit16 }

enum e_Bits
{
    Bit1,
    Bit2,
    Bit4,
    Bit8,
    Bit16,
    Bit32
};

#define Bit1:%0<%1> \
    Bit1: %0[((%1) + 31) >>> _: Bit32]

#define Bit1_Set(%0,%1,%2) \
    Bit_Set(%0, (%1), (%2), Bit1)

#define Bit1_Get(%0,%1) \
    Bit_Get(%0, (%1), Bit1)

#define Bit2:%0<%1> \
    Bit2: %0[((%1) + 15) >>> _: (Bit32 - Bit2)]

#define Bit2_Set(%0,%1,%2) \
    Bit_Set(%0, (%1), (%2), Bit2)

#define Bit2_Get(%0,%1) \
    Bit_Get(%0, (%1), Bit2)

#define Bit4:%0<%1> \
    Bit4: %0[((%1) + 7) >>> _: (Bit32 - Bit4)]

#define Bit4_Set(%0,%1,%2) \
    Bit_Set(%0, (%1), (%2), Bit4)

#define Bit4_Get(%0,%1) \
    Bit_Get(%0, (%1), Bit4)

#define Bit8:%0<%1> \
    Bit8: %0[(%1) char]

#define Bit8_Set(%0,%1,%2) \
    (_: %0{(%1)} = (%2))

#define Bit8_Get(%0,%1) \
    (_: %0{(%1)})

#define Bit16:%0<%1> \
    Bit16: %0[((%1) + 1) >>> _: (Bit32 - Bit16)]

#define Bit16_Set(%0,%1,%2) \
    Bit_Set(%0, (%1), (%2), Bit16)

#define Bit16_Get(%0,%1) \
    Bit_Get(%0, (%1), Bit16)

stock Bit_Set(BIT_TAGS: bitArr[], arrIdx, value, e_Bits: bitShift, arrSize = sizeof(bitArr))
{
    new
        bitVar = ((arrIdx & ((1 << _: (Bit32 - bitShift)) - 1)) << _: bitShift),
        bitLim = ((1 << (1 << _: bitShift)) - 1)
    ;
    if(!(0 <= (arrIdx >>>= _: (Bit32 - bitShift)) < arrSize))
        return 0;

    (_: bitArr[arrIdx]) &= ~(bitLim << bitVar);
    (_: bitArr[arrIdx]) |= ((bitLim & value) << bitVar);

    return 1;
}

stock Bit_Get(BIT_TAGS: bitArr[], arrIdx, e_Bits: bitShift, arrSize = sizeof(bitArr))
{
    new
        bitVar = ((arrIdx & ((1 << _: (Bit32 - bitShift)) - 1)) << _: bitShift),
        bitLim = ((1 << (1 << _: bitShift)) - 1)
    ;
    if(!(0 <= (arrIdx >>>= _: (Bit32 - bitShift)) < arrSize))
        return 0;

    return ((_: bitArr[arrIdx] >>> bitVar) & bitLim);
}

I get no errors on this.

[Cowboy]

Thanks for the SQL injections fix.

[Lorenc_]

Code:

* Fixed loading issue
* Uses DB_Escape
* Not using ReturnPlayerName and ReturnPlayerIP
* Slightly more efficient
* Much better in performance.

Those were the updates for anyone wondering, I've placed them inside the topic for anyone to look at.

[HotPlayer]

Nice tutorial !

[JaTochNietDan]

You haven't fixed the SQL injection vulnerabilities at all, I don't understand what you've tried doing in order to fix the vulnerability. Think about what you've done logically:

• Format the query string, putting in the raw, un-escaped inputtext variable
• Execute the query
• Escape the entire query string

What's that going to achieve? First of all you're not supposed to escape the entire query string, you just escape the user input. Secondly, you need to actually escape the user input before it's executed, otherwise what's the point?

Additionally you could work on making the comments more explanitory and accurate, as some of them are misleading.

[Lorenc_]

Quote:

Originally Posted by JaTochNietDan You haven't fixed the SQL injection vulnerabilities at all, I don't understand what you've tried doing in order to fix the vulnerability. Think about what you've done logically: Format the query string, putting in the raw, un-escaped inputtext variable Execute the query Escape the entire query string What's that going to achieve? First of all you're not supposed to escape the entire query string, you just escape the user input. Secondly, you need to actually escape the user input before it's executed, otherwise what's the point? Additionally you could work on making the comments more explanitory and accurate, as some of them are misleading.

I've never used ' DB_Escape ' before, this was one of my first times using it. Though I'll research a bit more on it. I'll fix up the comments later and have it properly explained though after. A bit busy with a guy

[Mr.Fames]

guys pls help me i compiled this script successfully but the problem is it only give me 1 warning on
player disconnect on this line """""""GetPlayerName(playerid, name, sizeof(name));""""""" the warning is loose indentation a and when i run the gamemode the script is not working i only enter the game like no system is there (dialogs not appearing) pls help and thx :P

[Lorenc_]

Quote:

Originally Posted by Mr.Fames guys pls help me i compiled this script successfully but the problem is it only give me 1 warning on player disconnect on this line """""""GetPlayerName(playerid, name, sizeof(name));""""""" the warning is loose indentation a and when i run the gamemode the script is not working i only enter the game like no system is there (dialogs not appearing) pls help and thx :P

I don't know what you've not tabbed though be careless and don't search the warning code inside the forum.

pawn Code:

#pragma tabsize 0

Top of your script, towards your problem and it not showing. I don't know what you've done, same with the rest of the other people.

[Mr.Fames]

Quote:

Originally Posted by Lorenc_ I don't know what you've not tabbed though be careless and don't search the warning code inside the forum. pawn Code: #pragma tabsize 0 Top of your script, towards your problem and it not showing. I don't know what you've done, same with the rest of the other people.

thx man it worked

[TRIPLE-xXx-GAMEING]

Quote:

Originally Posted by Lorenc_ It's okay, though I don't see whats the point of going through the whole process of just replacing ReturnPlayerName, but what ever you say. I'll be replacing it in the next version along with using DB_Escape to exit exploits. The estimated time when this'll come is unknown due to me being quite busy at the moment. EDIT: I've now updated the tutorial [ Version: 1.5 ] Replace your rBits include with: pawn Code: /*     SA-MP "rBits" Include     Copyright © 2011 RyDeR` */ #if defined _Included_rBits     #endinput #endif #define _Included_rBits #define BIT_TAGS \     { Bit1, Bit2, Bit4, Bit8, Bit16 } enum e_Bits {     Bit1,     Bit2,     Bit4,     Bit8,     Bit16,     Bit32 }; #define Bit1:%0<%1> \     Bit1: %0[((%1) + 31) >>> _: Bit32] #define Bit1_Set(%0,%1,%2) \     Bit_Set(%0, (%1), (%2), Bit1) #define Bit1_Get(%0,%1) \     Bit_Get(%0, (%1), Bit1) #define Bit2:%0<%1> \     Bit2: %0[((%1) + 15) >>> _: (Bit32 - Bit2)] #define Bit2_Set(%0,%1,%2) \     Bit_Set(%0, (%1), (%2), Bit2) #define Bit2_Get(%0,%1) \     Bit_Get(%0, (%1), Bit2) #define Bit4:%0<%1> \     Bit4: %0[((%1) + 7) >>> _: (Bit32 - Bit4)] #define Bit4_Set(%0,%1,%2) \     Bit_Set(%0, (%1), (%2), Bit4) #define Bit4_Get(%0,%1) \     Bit_Get(%0, (%1), Bit4) #define Bit8:%0<%1> \     Bit8: %0[(%1) char] #define Bit8_Set(%0,%1,%2) \     (_: %0{(%1)} = (%2)) #define Bit8_Get(%0,%1) \     (_: %0{(%1)}) #define Bit16:%0<%1> \     Bit16: %0[((%1) + 1) >>> _: (Bit32 - Bit16)] #define Bit16_Set(%0,%1,%2) \     Bit_Set(%0, (%1), (%2), Bit16) #define Bit16_Get(%0,%1) \     Bit_Get(%0, (%1), Bit16) stock Bit_Set(BIT_TAGS: bitArr[], arrIdx, value, e_Bits: bitShift, arrSize = sizeof(bitArr)) {     new         bitVar = ((arrIdx & ((1 << _: (Bit32 - bitShift)) - 1)) << _: bitShift),         bitLim = ((1 << (1 << _: bitShift)) - 1)     ;     if(!(0 <= (arrIdx >>>= _: (Bit32 - bitShift)) < arrSize))         return 0;     (_: bitArr[arrIdx]) &= ~(bitLim << bitVar);     (_: bitArr[arrIdx]) |= ((bitLim & value) << bitVar);     return 1; } stock Bit_Get(BIT_TAGS: bitArr[], arrIdx, e_Bits: bitShift, arrSize = sizeof(bitArr)) {     new         bitVar = ((arrIdx & ((1 << _: (Bit32 - bitShift)) - 1)) << _: bitShift),         bitLim = ((1 << (1 << _: bitShift)) - 1)     ;     if(!(0 <= (arrIdx >>>= _: (Bit32 - bitShift)) < arrSize))         return 0;     return ((_: bitArr[arrIdx] >>> bitVar) & bitLim); } I get no errors on this.

man after using this rbit i get these errors
[/pawn]C:\Users\Anmol\Desktop\LOGIN.pwn(64) : warning 217: loose indentation
C:\Users\Anmol\Desktop\LOGIN.pwn(7 : error 017: undefined symbol "ShowPlayerDialog"
C:\Users\Anmol\Desktop\LOGIN.pwn(85) : error 017: undefined symbol "ShowPlayerDialog"
C:\Users\Anmol\Desktop\LOGIN.pwn(91) : warning 235: public function lacks forward declaration (symbol "OnDialogResponse")
C:\Users\Anmol\Desktop\LOGIN.pwn(140) : error 017: undefined symbol "ShowPlayerDialog"
C:\Users\Anmol\Desktop\LOGIN.pwn(15 : error 017: undefined symbol "ShowPlayerDialog"
Pawn compiler 3.2.3664 Copyright © 1997-2006, ITB CompuPhase


4 Errors.
[/pawn]

[Edvin]

What are doing DB_Escape function?

[Konstantinos]

Quote:

Originally Posted by Edvin What are doing DB_Escape function?

Escaping Strings SQLite