[MD5]

Hey,

I'm a bit confused. Could someone create a /changepw <old_password> <new_password> command, that does the following:

- Changes the Password In-game.
- They they type the command wrong, I want it to return a SendClientMessage that says (/changepw <old_password> <new_password>
- Returns an error if the old password is wrong.
- Tells them they've changed their password to: %s (their password they changed it to)

Sources Needed:

- The hash is SHA1.
- The saving path: UPDATE `playerdata` SET `playerPass` = '%s' WHERE `playerName` = '%s'

Regards,
MD5

[Warlord]

Post It Here http://forum.sa-mp.com/forumdisplay.php?f=12

[Evocator]

You must save the current (old) password into a var when you load the player, when the player calls the command you must compare the string (old pass with inputted) if match allow to change pass, if not send a message.

[Abagail]

See how I utilize my password changing in MySQL(Xenon Gaming),

pawn Код:

if(dialogid == DIALOG_CONFIRM_PASS)
    {
        if(!response) return 1;
        if(!strcmp(PasswordHash(inputtext), pInfo[playerid][pPass], false))
        {
            ShowPlayerDialog(playerid, DIALOG_CHANGE_PASSWORD, DIALOG_STYLE_INPUT, "New Password", "Please enter your new password.", "Change Pass", "Cancel");
            SetPVarInt(playerid, "pConfirmedPW", 1);
            return 1;
        } else {
            SendClientMessage(playerid, COLOR_WHITE, "Invalid password! Please try again.");
            return 1;
        }
    }
    if(dialogid == DIALOG_CHANGE_PASSWORD)
    {
        if(!response) return 1;
        //if(GetPVarInt(playerid, "pConfirmPW") != 1) return 1; // They shouldn't be here then!
        if(pInfo[playerid][pAdmin] > 0 && pInfo[playerid][pAdmin] < 7) return 1; // Admins can't change their own password without the help of a level 7 admin!
        if(strlen(inputtext) < 6 || strlen(inputtext) > 129)
        {
            SendClientMessage(playerid, COLOR_WHITE, "Your password must be longer than 6 characters, and shorter than 129.");
            DeletePVar(playerid, "pConfirmPW");
            return 1;
        }
        else {
            new newpassword[129];
            format(newpassword, 129, "%s", PasswordHash(inputtext));
            format(pInfo[playerid][pPass], 129, "%s", newpassword);
            mysql_format(MySQLCon, query, sizeof(query), "UPDATE `players` SET `Pass`='%s' WHERE`ID`=%d AND `user`='%e'",
            newpassword,
            pInfo[playerid][pID],
            PlayerName(playerid));
            mysql_tquery(MySQLCon, query, "", "");
            SendClientMessage(playerid, COLOR_WHITE, "Your password has been changed. Please relog to confirm changes.");
            SetTimerEx("KickPlayer", 1000, false, "i", playerid);
            new string[300];
            format(string, sizeof(string), "[WARNING]: %s has changed their password(IP: %s - ID: %d)", GetName(playerid), PlayerIP(playerid), playerid);
            print(string);
            print(query);
        }
    }

Basically, - hash the old password, and compare it to the one currently stored. If it matches, then proceed and hash the new one, - placing it into the database. I use whirlpool, how-ever you can replace it to suit your needs.