Help in MySQL Login/Register System
#1

Hey friends I am a noob scripter(just started).. So I would feel good if you helped me.
I have heard a lot about MySQL login/register systems and it feels good too..(good for big servers)

I have researched a lot and saw a lot of tutorials but none fit my needs.
I need some clear explanation on building a MySQL login/register system.
And I want it to be safe.
Basically I have heard a lot about editing values of a player and so and so in MySQL and I want my login/register system to be protected against it.
I also want the system(the login part) to give players a number of 10 attempts to login before he is kicked(not banned)... Because I want to protect it from brute force attacks and such.

I would also love if anyone gave some information about protection against MySQL injections.

So the conclusion:
A clearly explained MySQL login/register system(code with explanations(I am a noob)) with 10 attempts for login and then a kick, protection against value edits and protection against injections(if you know what I mean.)...

Thanks
Would be great if anyone helped...
Reply
#2

Hmmmm, just ******..

https://sampforum.blast.hk/showthread.php?tid=56564
https://sampforum.blast.hk/showthread.php?tid=574714
https://en.wikipedia.org/wiki/SQL_injection
https://en.wikipedia.org/wiki/MySQL_AB
Reply
#3

rly what the fuck are you talking about, register/login system is so simple to make and well safety also.
for safety just use mysql_format it wont let player enter harmful sql commands, like entering
DROP DATABASE samp and so one.
Reply
#4

Thanks a lot friend..But still a problem..
I visited OverHaul's tutorial and it said..

"Ideally, you would add a check for the amount of times the player has tried to log in so they can't float the server with login request to guess someone's password."

But there is nowhere I see it on the script..
Reply
#5

Quote:
Originally Posted by Ankon
View Post
Thanks a lot friend..But still a problem..
I visited OverHaul's tutorial and it said..

"Ideally, you would add a check for the amount of times the player has tried to log in so they can't float the server with login request to guess someone's password."

But there is nowhere I see it on the script..
Outside any callback:
PHP Code:
new loginAttempts[MAX_PLAYERS]; 
OnPlayerConnect:
PHP Code:
loginAttempts[playerid] = 0
In dialog response->login->wrong password
PHP Code:
loginAttempts[playerid]++;
if(
loginAttempts[playerid] > 9)
   
Kick(playerid); 
Reply
#6

Thanks Meller..
REP+ to you..
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)