+ open.mp forum (https://forum.open.mp)
-- Forum: SA-MP (https://forum.open.mp/forumdisplay.php?fid=3)
--- Forum: Pawn Scripting (https://forum.open.mp/forumdisplay.php?fid=10)
--- Thread: [Pawn] mysql_query suggest (/showthread.php?tid=1787)
mysql_query suggest - Zow - 2021-03-19
How can I?improve this code?
PHP Code:
Account_PromptLogin(playerid) {
? ? new
? ? ? ? query[81],
? ? ? ? playerHash[62],
? ? ? ? playerDate[11],
? ? ? ? playerTime[9],
? ? ? ? playerIP[16],
? ? ? ? rows;
? ? mysql_format(MySQL_GetHandle(), query, sizeof query,
? ? "\
? ? ? ? SELECT * FROM `players` WHERE `username` = '%e' LIMIT 1\
? ? ",
? ? ? ? Player_GetName(playerid)
? ? );
? ? mysql_query(MySQL_GetHandle(), query);
? ? cache_get_row_count(rows);
? ? if (!rows) {
? ? ? ? Player_Kick(playerid);
? ? ? ? return 0;
? ? }
? ? cache_get_value_name(0, "password", playerHash, sizeof(playerHash));
? ? cache_get_value_name(0, "date_reg", playerDate, sizeof(playerDate));
? ? cache_get_value_name(0, "time_reg", playerTime, sizeof(playerTime));
? ? cache_get_value_name(0, "ip", playerIP, sizeof(playerIP));
? ? Player_SetAccountHash(playerid, playerHash);
? ? Player_SetAccountDate(playerid, playerDate);
? ? Player_SetAccountTime(playerid, playerTime);
? ? Player_SetAccountIP(playerid, playerIP);
? ? Dialog_ShowCallback(playerid,
? ? ? ? using public Account_Login<iiiis>,
? ? ? ? DIALOG_STYLE_PASSWORD,
? ? ? ? SERVER_NAME,
? ? ? ? "Welcome",
? ? ? ? "Login",
? ? ? ? "Exit"
? ? );
? ? return 1;
}
forward Account_Login(playerid, dialogid, response, listitem, string:inputtext[]);
public Account_Login(playerid, dialogid, response, listitem, string:inputtext[]) {
? ? if (response) {
? ? ? ? bcrypt_verify(playerid, "OnPasswordVerify", inputtext, Player_GetAccountHash(playerid));
? ? }
? ? else {
? ? ? ? Kick(playerid);
? ? }
? ? return 1;
}
PHP Code:
forward OnPasswordVerify(playerid, bool:success);
public OnPasswordVerify(playerid, bool:success) {
? ? if (success)
? ? {
? ? ? ? CallLocalFunction("OnPlayerLogin", "d", playerid);
? ? }
? ? else
? ? {
? ? ? ? Account_PromptLogin(playerid);
? ? }
}
RE: mysql_query suggest - Y_Less - 2021-03-21
Use the password hash in the query, don't store it.
RE: mysql_query suggest - Zow - 2021-03-22
Why don't you store it? sry just asking
Can I reset after logged in? like
btw thanks for ur comment
PHP Code:
forward OnPasswordVerify(playerid, bool:success);
public OnPasswordVerify(playerid, bool:success) {
? ? if (success)
? ? {
? ? ? ? PasswordAttempts[playerid] = 0;
? ? ? ? CallLocalFunction("OnPlayerLogin", "d", playerid);
? ? ? ? Player_ResetAccountHash(playerid); // EOS
? ? }
? ? else
? ? {
? ? ? ? Account_PromptLogin(playerid);
? ? }
}
RE: mysql_query suggest - Virsenas - 2021-03-22
(2021-03-22, 05:08 PM)Zow Wrote: Why don't you store it? sry just asking
Can I reset after logged in? like
btw thanks for ur comment
PHP Code:forward OnPasswordVerify(playerid, bool:success);
public OnPasswordVerify(playerid, bool:success) {
? ? if (success)
? ? {
? ? ? ? PasswordAttempts[playerid] = 0;
? ? ? ? CallLocalFunction("OnPlayerLogin", "d", playerid);
? ? ? ? Player_ResetAccountHash(playerid); // EOS
? ? }
? ? else
? ? {
? ? ? ? Account_PromptLogin(playerid);
? ? }
}
Store it into your MySql database, but not on your server. You only need to access or write a players password just when he logs in or registers. And that is just one or a few times a day you need to use the players password. Keeping a players password on your server not only wastes a bit piece of memory but also is there to be used by future or current exploits of the server and that is a potential way how you can risk every players password being leaked. I don't think you want that to happen to your server.
RE: mysql_query suggest - Zow - 2021-03-22
Ok got it now
I'm asking because I don't know how to do that without inline but now I use it
ty for explain