Crashing server
#1

For some reason, this code crashes my server:

pawn Код:
public OnMysqlCheckPass(playerid, password[])
{
    new rows, fields;
    cache_get_data(rows, fields, Gconnection);

    if(rows) {

        new temp[100], newpass[400];
        cache_get_row(0, 37, temp);


       
        format(newpass, 400, "%s%s", temp, password);
        new Query[500];
        format(Query, 500, "SELECT `score` FROM `users` WHERE `username`='%s' AND password='%s'", PlayerName(playerid), newpass);
        mysql_function_query(Gconnection, Query, true, "OnPlayerRequestLogin", "d", playerid);
         
    }
    return 1;
}
Any ideas?
Reply
#2

Bump.
Reply
#3

Debug it. Place prints on every line.
Reply
#4

pawn Код:
cache_get_row(0, 37, temp);
Is that correct? If it is then your query isn't optimized at all. Only select the field you need. Besides that, it looks like you're fetching a salt from the database and then using that same salt to query the database again. You should use MySQL's CONCAT() function to save up on unnecessary queries.

I think the crash might actually be caused by fetching a new result while the previous result hasn't been freed yet.
Reply
#5

Quote:
Originally Posted by Vince
Посмотреть сообщение
pawn Код:
cache_get_row(0, 37, temp);
Is that correct? If it is then your query isn't optimized at all. Only select the field you need. Besides that, it looks like you're fetching a salt from the database and then using that same salt to query the database again. You should use MySQL's CONCAT() function to save up on unnecessary queries.

I think the crash might actually be caused by fetching a new result while the previous result hasn't been freed yet.
Thanks about the concat function! Never knew this existed, so I'll try that now
Reply
#6

Thanks, by using concat I've managed to fix this

Thanks for telling me about this function.
Reply
#7

xD maybe I haven't fixed it..

I thought I fixed it as when I ran the query in phpmyadmin it returned the correct row etc...

pawn Код:
format(Query, 500, "SELECT CONCAT( salt, %s ) FROM  `users` WHERE  `username` =  '%s'", password, PlayerName(playerid));
But this for some reason gives an error with the mysql plugin:

Код:
Passing query SELECT CONCAT( salt, FFEF32AC48C4061214450A19D4DE5E6AB39890B81A9849415360BEA7475E7223ADB9A017C767FB1E79BCC3D0211267BC74BAD7D383217C242D54A282FAADB7DB ) FROM  `users` WHERE  `username` =  'thefatshizms' | ds
[17:51:46] CMySQLHandler::ProcessQueryThread() - Error will be triggered to OnQueryError()
its obviously not loading the salt :/
Reply
#8

Try wrapping it in backticks as well. Either you use them consistently or you don't use them at all.
Reply
#9

I managed to fix the error, though now its saying I have the incorrect password:

pawn Код:
format(Query, 500, "SELECT CONCAT( salt, password ) FROM  `users` WHERE  `username` =  '%s' AND `password` = CONCAT(salt, '%s')"
Reply
#10

Just realized that I can't use concat as I need to rehash the password with the retrieved salt.

EDIT: This is the current code:

pawn Код:
public Mysql_Login(playerid, password[])
{
    new rows, fields;
    cache_get_data(rows, fields, Gconnection);

    if(rows) {
        new HashedPass[429], temp[100], Query[529];
        mysql_real_escape_string(PlayerName(playerid), PlayerName(playerid), Gconnection);
        cache_get_row(0, 37, temp);
        format(HashedPass, 429, "%s%s", temp, password);

        WP_Hash(HashedPass, 429, HashedPass);

        mysql_function_query(Gconnection, Query, true, "OnPlayerRequestLogin", "ds", playerid, HashedPass);
    }
    return 1;
}
it's escaping the string then nothing (crash)
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)