[TonyII]

Hey, so I used Whirlpool to hash user passwords but I have a little problem. It won't really hash the password, when I check the database the password is blank not hashed at all just empty. Whenever I try to login it lets me login with anything I type. The codes:

pawn Код:

if(dialogid == DIALOG_LOGIN)
    {
        if(response)
        {
            if(!strlen(inputtext))
            {
                format(string,sizeof(string),"{FFFFFF}Welcome back %s.\n{FF0606}You've entered an invalid password.\n{FFFFFF}Type your {00FF00}password {FFFFFF}below to login.",GPN(playerid));
                ShowPlayerDialog(playerid,DIALOG_LOGIN,DIALOG_STYLE_PASSWORD,"{FF8000}Login",string,"Login","Quit");
            }
            format(string,sizeof(string),"%s",inputtext);
            WP_Hash(password,sizeof(password),string);
            if(!strcmp(password,PlayerInfo[playerid][pPassword]))
            {
                Logged[playerid] = 999;
                SpawnPlayer(playerid);
                return 1;
            }
            else
            {
                format(string,sizeof(string),"{FFFFFF}Welcome back %s.\n{FF0606}Incorrect password.\n{FFFFFF}Type your {00FF00}password {FFFFFF}below to login.",GPN(playerid));
                ShowPlayerDialog(playerid,DIALOG_LOGIN,DIALOG_STYLE_PASSWORD,"{FF8000}Login",string,"Login","Quit");
            }
        }
        else
        {
            Kick(playerid);
        }
        return 1;
    }
    else if(dialogid == DIALOG_REGISTER)
    {
        if(response)
        {
            if(!strlen(inputtext))
            {
                ShowPlayerDialog(playerid,DIALOG_REGISTER,DIALOG_STYLE_INPUT,"{FF8000}Register","{FF0606}Invalid password\n{FFFFFF}Type your {00FF00}password {FFFFFF}below to register a new account.","Register","Quit");
            }
            format(string,sizeof(string),"%s",inputtext);
            WP_Hash(password,sizeof(password),string);
            format(PlayerInfo[playerid][pUsername], 128, "%s", GPN(playerid));
            format(PlayerInfo[playerid][pPassword], 128, "%s", password);
            PlayerInfo[playerid][pPosX] = 155.435546;
            PlayerInfo[playerid][pPosY] = 1174.296875;
            PlayerInfo[playerid][pPosZ] = 15.491741;
            PlayerInfo[playerid][pPosA] = 75.370346;
            PlayerInfo[playerid][pHealth] = 100;
            PlayerInfo[playerid][pArmour] = 0;
            PlayerInfo[playerid][pInterior] = 0;
            PlayerInfo[playerid][pVirtualWorld] = 0;
            Logged[playerid] = 999;
            SpawnPlayer(playerid);
            mysql_format(SQLID,query,sizeof(query),"INSERT INTO `users` (`username`, `password`, `posx`, `posy`, `posz`, `posa`, `health` ,`armour`, `interior`, `virtualworld`) VALUES ('%s', '%s', 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0, 0)",PlayerInfo[playerid][pUsername],PlayerInfo[playerid][pPassword]);
            mysql_tquery(SQLID,query,"","");
        }
        else
        {
            Kick(playerid);
        }
    }

[UltraScripter]

use dudb.inc

pawn Код:

//Usage
udb_hash(inputtext));

[danish007]

Show your Register dialog.

[danish007]

pawn Код:

format(PlayerInfo[playerid][pPassword], 128, "%s", udb_hash(inputtext));

[Vince]

@UltraScripter, @danish007: Stop suggesting idiotic things, for Christ's sake! Whirlpool is infinitely more secure than "udb_hash", which is not even a real hash a but simple Adler32 checksum algorithm.

@TonyII: is your column big enough? It should be char or varchar with a length of 128. I'm assuming that your query size is big enough since apparently the rest of the data gets saved properly. However,

pawn Код:

format(string,sizeof(string),"%s",inputtext);
            WP_Hash(password,sizeof(password),string);

That's just silly. Why are you copying inputtext? Just pass it into Whirlpool directly.

pawn Код:

WP_Hash(password, sizeof(password), inputtext);