I assume you're using dialogs for the passwords, if he can login without a password - that means he's not really inputting anything into the dialog probably, that - or the password is wrong.
When having a register/login system through dialogs, make sure you run checks to check if the player is even putting in anything into the dialog first - do this with both register and login dialogs where they'll actually have to put in a password on both register & login dialogs. Along with that make sure you run if the password was even correct.
Here's a code from newbienoob
pawn Код:
public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[])
{
if(dialogid == dregister) //If dialog id is a register dialog
{//then
if(!response) return Kick(playerid); //If they clicked the second button "Quit", we will kick them.
if(response) //if they clicked the first button "Register"
{//then
if(!strlen(inputtext)) //If they didn't enter any password
{// then we will tell to them to enter the password to register
ShowPlayerDialog(playerid,dregister,DIALOG_STYLE_INPUT,"Register","Welcome! This account is not registered.\nEnter your own password to create a new account.\nPlease enter the password!","Register","Quit");
return 1;
}
//If they have entered a correct password for his/her account...
new hashpass[129]; //Now we will create a new variable to hash his/her password
WP_Hash(hashpass,sizeof(hashpass),inputtext);//We will use whirlpool to hash their inputted text
new INI:file = INI_Open(Path(playerid)); // we will open a new file for them to save their account inside of Scriptfiles/Users folder
INI_SetTag(file,"Player's Data");//We will set a tag inside of user's account called "Player's Data"
INI_WriteString(file,"Password",hashpass);//This will write a hashed password into user's account
INI_WriteInt(file,"AdminLevel",0); //Write an integer inside of user's account called "AdminLevel". We will set his level to 0 after he registered.
INI_WriteInt(file,"VIPLevel",0);//As explained above
INI_WriteInt(file,"Money",0);//Write an integer inside of user's account called "Money". We will set their money to 0 after he registered
INI_WriteInt(file,"Scores",0);//Write an integer inside of user's account called "Scores". We will set their score to 0 after he registered
INI_WriteInt(file,"Kills",0);//As explained above
INI_WriteInt(file,"Deaths",0);//As explained above
INI_Close(file);//Now after we've done saving their data, we now need to close the file
SendClientMessage(playerid,-1,"You have been successfully registered");//Tell to them that they have successfully registered a new account
return 1;
}
}
if(dialogid == dlogin) //If dialog id is a login dialog
{//then
if(!response) return Kick(playerid); //If they clicked the second button "Quit", we will kick them.
if(response) //if they clicked the first button "Register"
{//then
new hashpass[129]; //Will create a new variable to hash his/her password
WP_Hash(hashpass,sizeof(hashpass),inputtext); //Will hash inputted password
if(!strcmp(hashpass,pInfo[playerid][Pass])) //If they have insert their correct password
{//then
INI_ParseFile(Path(playerid),"loadaccount_%s",.bExtra = true, .extra = playerid);//We will load his account's data from user's path
SetPlayerScore(playerid,pInfo[playerid][Scores]);//We will get their score inside of his user's account and we will set it here
GivePlayerMoney(playerid,pInfo[playerid][Money]);//As explained above
SendClientMessage(playerid,-1,"Welcome back! You have successfully logged in");//Tell them that they've successfully logged in
}
else //If they've entered an incorrect password
{//then
ShowPlayerDialog(playerid,dlogin,DIALOG_STYLE_INPUT,"Login","Welcome back. This account is registered. \nInsert your password to login to your account.\nIncorrect password!","Login","Quit");//We will tell to them that they've entered an incorrect password
return 1;
}
}
}
return 1;
}
Read the green texts to understand what the code is doing.
