[thefatshizms]

For some reason, this code crashes my server:

pawn Код:

public OnMysqlCheckPass(playerid, password[])
{
    new rows, fields;
    cache_get_data(rows, fields, Gconnection);

    if(rows) {

        new temp[100], newpass[400];
        cache_get_row(0, 37, temp); 


        
        format(newpass, 400, "%s%s", temp, password);
        new Query[500];
        format(Query, 500, "SELECT `score` FROM `users` WHERE `username`='%s' AND password='%s'", PlayerName(playerid), newpass);
        mysql_function_query(Gconnection, Query, true, "OnPlayerRequestLogin", "d", playerid);
         
    }
    return 1;
}

Any ideas?

[thefatshizms]

Bump.

[SuperViper]

Debug it. Place prints on every line.

[Vince]

pawn Код:

cache_get_row(0, 37, temp);

Is that correct? If it is then your query isn't optimized at all. Only select the field you need. Besides that, it looks like you're fetching a salt from the database and then using that same salt to query the database again. You should use MySQL's CONCAT() function to save up on unnecessary queries.

I think the crash might actually be caused by fetching a new result while the previous result hasn't been freed yet.

[thefatshizms]

Quote:

Originally Posted by Vince pawn Код: cache_get_row(0, 37, temp); Is that correct? If it is then your query isn't optimized at all. Only select the field you need. Besides that, it looks like you're fetching a salt from the database and then using that same salt to query the database again. You should use MySQL's CONCAT() function to save up on unnecessary queries. I think the crash might actually be caused by fetching a new result while the previous result hasn't been freed yet.

Thanks about the concat function! Never knew this existed, so I'll try that now

[thefatshizms]

Thanks, by using concat I've managed to fix this

Thanks for telling me about this function.

[thefatshizms]

xD maybe I haven't fixed it..

I thought I fixed it as when I ran the query in phpmyadmin it returned the correct row etc...

pawn Код:

format(Query, 500, "SELECT CONCAT( salt, %s ) FROM  `users` WHERE  `username` =  '%s'", password, PlayerName(playerid));

But this for some reason gives an error with the mysql plugin:

Код:

Passing query SELECT CONCAT( salt, FFEF32AC48C4061214450A19D4DE5E6AB39890B81A9849415360BEA7475E7223ADB9A017C767FB1E79BCC3D0211267BC74BAD7D383217C242D54A282FAADB7DB ) FROM  `users` WHERE  `username` =  'thefatshizms' | ds
[17:51:46] CMySQLHandler::ProcessQueryThread() - Error will be triggered to OnQueryError()

its obviously not loading the salt :/

[Vince]

Try wrapping it in backticks as well. Either you use them consistently or you don't use them at all.

[thefatshizms]

I managed to fix the error, though now its saying I have the incorrect password:

pawn Код:

format(Query, 500, "SELECT CONCAT( salt, password ) FROM  `users` WHERE  `username` =  '%s' AND `password` = CONCAT(salt, '%s')"

[thefatshizms]

Just realized that I can't use concat as I need to rehash the password with the retrieved salt.

EDIT: This is the current code:

pawn Код:

public Mysql_Login(playerid, password[])
{
    new rows, fields;
    cache_get_data(rows, fields, Gconnection);

    if(rows) {
        new HashedPass[429], temp[100], Query[529];
        mysql_real_escape_string(PlayerName(playerid), PlayerName(playerid), Gconnection);
        cache_get_row(0, 37, temp);
        format(HashedPass, 429, "%s%s", temp, password);

        WP_Hash(HashedPass, 429, HashedPass);

        mysql_function_query(Gconnection, Query, true, "OnPlayerRequestLogin", "ds", playerid, HashedPass);
    }
    return 1;
}

it's escaping the string then nothing (crash)