mysql login/register system
#1

alright, back again, with more mysql problems, im currently working on fixing my mysql login/register system, atm, everything works perfectly, except, login, upon login, it will detect your username, and that your register'd, however, it allows you to use whatever password you want to login, and i just dont understand why, here is the mysql log, as well as the login code, it all looks fine to me, i really dont see why it doesnt kick players upon incorrect password:


Код:
[11:46:32] ---------------------------
[11:46:32] MySQL Debugging activated (11/12/13)
[11:46:32] ---------------------------
[11:46:32]  
[11:50:21] >> mysql_query( Connection handle: 1 )
[11:50:21] CMySQLHandler::Query(SELECT `Username` FROM `Users` WHERE `Username` = 'logoster' LIMIT 1;) - Successfully executed.
[11:50:21] >> mysql_store_result( Connection handle: 1 )
[11:50:21] CMySQLHandler::StoreResult() - Result was stored.
[11:50:21] >> mysql_num_rows( Connection handle: 1 )
[11:50:21] CMySQLHandler::NumRows() - Returned 1 row(s)
[11:50:21] >> mysql_free_result( Connection handle: 1 )
[11:50:21] CMySQLHandler::FreeResult() - Result was successfully free'd.
Login player code:

pawn Код:
stock LoginPlayer(playerid,const password[])
{
    new escape[MAX_PLAYER_NAME], Query[128], hash[129];
    mysql_real_escape_string(GetName(playerid), escape);
    format(hash, sizeof(hash), "%s%s", PInfo[playerid][Salt], password);
    WP_Hash(hash, 129, hash);

    format(Query,sizeof(Query),"SELECT * FROM `Users` WHERE `Username` = '%s'",escape);
    mysql_query(Query);
    mysql_store_result();
    if(mysql_num_rows() != 0)
    {
        if(strcmp(hash, PInfo[playerid][Password]))
        {
            SendClientMessage(playerid,COLOR_RED,"Wrong password!");
            Kick(playerid);
        }
        else
        {
            SendClientMessage(playerid,COLOR_LIME,"You have been logged in!");
            LoadStats(playerid);
        }
    }
    mysql_free_result();
    return 1;
}
Reply
#2

anyone? please?
Reply
#3

Is hash equals to PInfo[playerid][Password]..?
You first formatted it by:
pawn Код:
format(hash, sizeof(hash), "%s%s", PInfo[playerid][Salt], password);
But then you're checking something else?
pawn Код:
strcmp(hash, PInfo[playerid][Password]))
Reply
#4

Quote:
Originally Posted by Loot
Посмотреть сообщение
Is hash equals to PInfo[playerid][Password]..?
You first formatted it by:
pawn Код:
format(hash, sizeof(hash), "%s%s", PInfo[playerid][Salt], password);
But then you're checking something else?
pawn Код:
strcmp(hash, PInfo[playerid][Password]))
what? i dont understand, are those conflicting with each other? if so, which would be best to remove?
Reply
#5

hello?
Reply
#6

Quote:
Originally Posted by logoster
Посмотреть сообщение
hello?
Hey!
Reply
#7

LoL !


O.T --> your mysql host is not responding and your system is bugged !
Change it !
Reply
#8

Do you even load and store the password to PInfo[playerid][Password]? strcmp will return 0 (that they do match) if one of the strings is NULL.

You can also debug it and see:
pawn Код:
printf( "hash: \"%s\" and PInfo[playerid][Password]: \"%s\"", hash, PInfo[playerid][Password] );
if(strcmp(hash, PInfo[playerid][Password]))
Try to login again. What does it print?

Quote:
Originally Posted by khanz
Посмотреть сообщение
Hey!
lol
Reply
#9

Quote:
Originally Posted by iAnonymous
Посмотреть сообщение
LoL !


O.T --> your mysql host is not responding and your system is bugged !
Change it !

uhhh, no, my mysql host is responding quite well, how do i know? because my friened uses the same host, and his script works the same way, and it works FINE for him
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)