Passwords

PsyChO_KiLLeR

  • Full Member
  • Learning from you All
  • Posts: 133
Passwords
« on March 5th, 2015, 04:48 AM »
Well i am facing big problem as u know in db the real password are not save i go in my server and register there with password is password and when my ip changed then i go and type /login password it say invalid pass what is problem?

.

  • VC:MP Beta Tester
  • .
  • Posts: 1,803
Re: Passwords
« Reply #1, on March 5th, 2015, 04:51 AM »
What's the code/query that you use to save your passwords? Have you checked to see if the password is saved there? Give us something. We cannot help you if we're left here to guess :-\
.

PsyChO_KiLLeR

  • Full Member
  • Learning from you All
  • Posts: 133
Re: Passwords
« Reply #2, on March 5th, 2015, 04:54 AM »Last edited on March 6th, 2015, 01:03 PM by stormeus
this is password save in database
password hash removed -stormeus

.

  • VC:MP Beta Tester
  • .
  • Posts: 1,803
Re: Passwords
« Reply #3, on March 5th, 2015, 04:56 AM »
Quote from PsyChO_KiLLeR on March 5th, 2015, 04:54 AM
this is password save in database 16e33c64c47c45b217c167ff66e8dc0827f4516ea32be957de749deab1260c5f
What am I supposed to do with that?
.

PsyChO_KiLLeR

  • Full Member
  • Learning from you All
  • Posts: 133
Re: Passwords
« Reply #4, on March 5th, 2015, 04:57 AM »
this is function register
function Register( player, pass )
{
     try{
    local password = e(pass);
    QuerySQL( db, "REPLACE INTO Account ( Name, IP, Level, Pass, Kills, Deaths, Cash, Bank ) VALUES ( '" + player.Name.tolower() + "', '" + player.IP + "', 1, '" + password + "', 0, 0, 0, 0 )" );
    player.Cash = 2000;
    status[ player.ID ].IsLogged = true;
    status[ player.ID ].IsReg = true;
    ePrivMessage( "You've Registered!", player );
    ePrivMessage( "Nick:[ " + player.Name + " ] Password:[ " + pass + " ]", player );
    Message( ">> " + player.Name + " is a Registered Nick-Name Now!" );
    }
    catch(e) print( "Reg Function Error: " + e );
   
}

.

  • VC:MP Beta Tester
  • .
  • Posts: 1,803
Re: Passwords
« Reply #5, on March 5th, 2015, 05:21 AM »Last edited on March 5th, 2015, 05:29 AM
I doubt this was the issue but here you go:
Code: [Select]
function Register( player, pass )
{
     try{
        local password = e(pass);
        QuerySQL( db, format(@"INSERT OR REPLACE INTO [Account] (ROWID, Name, IP, Level, Pass, Kills, Deaths, Cash, Bank) VALUES ((SELECT ROWID FROM [Account] WHERE Name = '%s'), '%s', '%s', %d, '%s', %d, %d, %d, %d);", player.Name.tolower(), player.Name.tolower(), player.IP, 1, password, 0, 0, 0, 0));
        player.Cash = 2000;
        status[ player.ID ].IsLogged = true;
        status[ player.ID ].IsReg = true;
        ePrivMessage( "You've Registered!", player );
        ePrivMessage( "Nick:[ " + player.Name + " ] Password:[ " + pass + " ]", player );
        Message( ">> " + player.Name + " is a Registered Nick-Name Now!" );
    }
    catch(e) print( "Reg Function Error: " + e );
}

There's probably something wrong with your log-in function.
.

PsyChO_KiLLeR

  • Full Member
  • Learning from you All
  • Posts: 133
Re: Passwords
« Reply #6, on March 5th, 2015, 05:28 AM »
function Login( player, pass )
{
          ePrivMessage( "You've Successfully Logged-In!", player );
        ePrivMessage( "Nick:[ " + player.Name + " ] Password:[ " + pass + " ] Level:[ " + status[ player.ID ].Level + " ]", player );
        status[ player.ID ].IsLogged = true;
        EMessage( ">> " + player.Name + " Logged-In." );
}





Login Function

.

  • VC:MP Beta Tester
  • .
  • Posts: 1,803
Re: Passwords
« Reply #7, on March 5th, 2015, 05:30 AM »
You're missing the database query :D You're not retrieving any data from the database.
.

PsyChO_KiLLeR

  • Full Member
  • Learning from you All
  • Posts: 133
Re: Passwords
« Reply #8, on March 5th, 2015, 05:31 AM »
what i add there ?

.

  • VC:MP Beta Tester
  • .
  • Posts: 1,803
Re: Passwords
« Reply #9, on March 5th, 2015, 05:42 AM »Last edited on March 5th, 2015, 05:45 AM
Quote from PsyChO_KiLLeR on March 5th, 2015, 05:31 AM
what i add there ?
I mean, you have to retrieve the old password from the database and then encrypt the specified database just like you did the first time you added it to the database. Then compare the result of the encryption of the specified password with the encrypted password retrieved from the database. If they match then the password was correct:
Code: [Select]
function Login( player, pass )
{
        local result = QuerySQL(db, format(@"SELECT Pass FROM [Account] WHERE Name = '%s';", escapeSQLString(player.Name.tolower())));
        if (!result) {
            // Unable to login
            // Failed to read from database
            return false;
        }
        local player_pass = GetSQLColumnData(result, 0);
        FreeSQLQuery(result);
        if (player_pass != e(pass)) {
            // Unable to login
            // Passwords don't match
            return false;
        }
        ePrivMessage( "You've Successfully Logged-In!", player );
        ePrivMessage( "Nick:[ " + player.Name + " ] Password:[ " + pass + " ] Level:[ " + status[ player.ID ].Level + " ]", player );
        status[ player.ID ].IsLogged = true;
        EMessage( ">> " + player.Name + " Logged-In." );
}

I still find it hard to understand the code so I'll stop here because there is no purpose to this.
.

ThunderStorm

  • Newbie
  • Hello
  • Posts: 22
Re: Passwords
« Reply #10, on March 5th, 2015, 05:56 AM »Last edited on March 5th, 2015, 06:00 AM
@S.L.C he checks whether the pass matches in the command.
So, Check your login command, Psycho_Killer ( maybe condition is wrong )



.

  • VC:MP Beta Tester
  • .
  • Posts: 1,803
Re: Passwords
« Reply #11, on March 5th, 2015, 06:00 AM »
Quote from ThunderStorm on March 5th, 2015, 05:56 AM
Check if your login command has e(password)
Actually he doesn't even check the password. He just print's it back to the player. Which simply tells the player "Hey, I'm not even encrypting your password directly.". And then I'm guessing that he expects some magic to happen and the passwords test them self automatically.

Based on this function I'd say this isn't the problem. Manly because he says his error doesn't allow the player to login at all. And this function is an open invitation for any stranger out there.
Re: Passwords
« Reply #12, on March 5th, 2015, 06:01 AM »
Quote from ThunderStorm on March 5th, 2015, 05:56 AM
@S.L.C he checks whether the pass matches in the command.
So what's the point of that function actually? Just to print some text and set a variable to true? Can't he just do that in the command with the rest of the code :-\
.

Thijn

  • VC:MP Beta Tester
  • Posts: 1,689
Re: Passwords
« Reply #13, on March 5th, 2015, 06:50 AM »
Also, don't message his plaintext password when he logs in :x

Kratos_

  • Jr. Member
  • Mutaros Apotheoses
  • Posts: 86
Re: Passwords
« Reply #14, on March 5th, 2015, 07:23 AM »

Kills, Deaths, Cash & Bank entities aren't cached during login . They are just sitting in the database since registration . :P
S.L.C's login function will work . If no record is obtained then you can print message like Not Registered . If obtained but pass doesn't matched then you can print Login Failed . You can use his function . Thijn gave a nice idea .
In the middle of chaos , lies opportunity.