open.mp forum
[Pawn] mysql_query suggest - Printable Version

+ open.mp forum (https://forum.open.mp)
-- Forum: SA-MP (https://forum.open.mp/forumdisplay.php?fid=3)
--- Forum: Pawn Scripting (https://forum.open.mp/forumdisplay.php?fid=10)
--- Thread: [Pawn] mysql_query suggest (/showthread.php?tid=1787)



mysql_query suggest - Zow - 2021-03-19

How can I?improve this code?



PHP Code:
Account_PromptLogin(playerid) {

? ? new

? ? ? ? 
query[81],

? ? ? ? 
playerHash[62],

? ? ? ? 
playerDate[11],

? ? ? ? 
playerTime[9],

? ? ? ? 
playerIP[16],

? ? ? ? 
rows;



? ? 
mysql_format(MySQL_GetHandle(), querysizeof query

? ? 
"\

? ? ? ? SELECT * FROM `players` WHERE `username` = '%e' LIMIT 1\

? ? "


? ? ? ? 
Player_GetName(playerid)

? ? );

? ? 
mysql_query(MySQL_GetHandle(), query);



? ? 
cache_get_row_count(rows);



? ? if (!
rows) {

? ? ? ? 
Player_Kick(playerid);

? ? ? ? return 
0;

? ? }



? ? 
cache_get_value_name(0"password"playerHashsizeof(playerHash));

? ? 
cache_get_value_name(0"date_reg"playerDatesizeof(playerDate));

? ? 
cache_get_value_name(0"time_reg"playerTimesizeof(playerTime));

? ? 
cache_get_value_name(0"ip"playerIPsizeof(playerIP));



? ? 
Player_SetAccountHash(playeridplayerHash);

? ? 
Player_SetAccountDate(playeridplayerDate);

? ? 
Player_SetAccountTime(playeridplayerTime);

? ? 
Player_SetAccountIP(playeridplayerIP);



? ? 
Dialog_ShowCallback(playerid,

? ? ? ? 
using public Account_Login<iiiis>, 

? ? ? ? 
DIALOG_STYLE_PASSWORD

? ? ? ? 
SERVER_NAME

? ? ? ? 
"Welcome"

? ? ? ? 
"Login",

? ? ? ? 
"Exit"

? ? );

? ? return 
1;

}



forward Account_Login(playeriddialogidresponselistitemstring:inputtext[]);

public 
Account_Login(playeriddialogidresponselistitemstring:inputtext[]) {

? ? if (
response) {

? ? ? ? 
bcrypt_verify(playerid"OnPasswordVerify"inputtextPlayer_GetAccountHash(playerid));

? ? }

? ? else {

? ? ? ? 
Kick(playerid);

? ? }

? ? return 
1;





PHP Code:
forward OnPasswordVerify(playeridbool:success);

public 
OnPasswordVerify(playeridbool:success) {

? ? if (
success)

? ? {

? ? ? ? 
CallLocalFunction("OnPlayerLogin""d"playerid);

? ? }

? ? else

? ? {

? ? ? ? 
Account_PromptLogin(playerid);

? ? }





RE: mysql_query suggest - Y_Less - 2021-03-21

Use the password hash in the query, don't store it.


RE: mysql_query suggest - Zow - 2021-03-22

Why don't you store it? sry just asking

Can I reset after logged in? like

btw thanks for ur comment

PHP Code:
forward OnPasswordVerify(playeridbool:success);
public 
OnPasswordVerify(playeridbool:success) {
? ? if (
success)
? ? {
? ? ? ? 
PasswordAttempts[playerid] = 0;
? ? ? ? 
CallLocalFunction("OnPlayerLogin""d"playerid);
? ? ? ? 
Player_ResetAccountHash(playerid); // EOS
? ? }
? ? else
? ? {
? ? ? ? 
Account_PromptLogin(playerid);
? ? }




RE: mysql_query suggest - Virsenas - 2021-03-22

(2021-03-22, 05:08 PM)Zow Wrote: Why don't you store it? sry just asking



Can I reset after logged in? like



btw thanks for ur comment



PHP Code:
forward OnPasswordVerify(playeridbool:success);

public 
OnPasswordVerify(playeridbool:success) {

? ? if (
success)

? ? {

? ? ? ? 
PasswordAttempts[playerid] = 0;

? ? ? ? 
CallLocalFunction("OnPlayerLogin""d"playerid);

? ? ? ? 
Player_ResetAccountHash(playerid); // EOS

? ? }

? ? else

? ? {

? ? ? ? 
Account_PromptLogin(playerid);

? ? }





Store it into your MySql database, but not on your server. You only need to access or write a players password just when he logs in or registers. And that is just one or a few times a day you need to use the players password. Keeping a players password on your server not only wastes a bit piece of memory but also is there to be used by future or current exploits of the server and that is a potential way how you can risk every players password being leaked. I don't think you want that to happen to your server.


RE: mysql_query suggest - Zow - 2021-03-22

Ok got it now

I'm asking because I don't know how to do that without inline but now I use it

ty for explain