Vice City: Multiplayer

Server Development => Scripting and Server Management => Script Showroom => Topic started by: [VM_U]Spectra.PhantoM^ on Apr 15, 2016, 04:56 AM

Title: My Account System v0.1 Beta
Post by: [VM_U]Spectra.PhantoM^ on Apr 15, 2016, 04:56 AM
(http://files.thijn.ovh/download/776b10ecec6435a6e37d9973af136076/main.nut)
Lemme know if there are any bugs.
Bug Fixes till now:
Exec Prob fixed.
Title: Re: My Account System v0.1 Beta
Post by: KAKAN on Apr 15, 2016, 05:00 AM
local y = QuerySQL(DB, "SELECT Level FROM PlayerAccount WHERE Name='" + player.Name + "'" );
if ( y <= 0 ) MessagePlayer("Hello and welcome to the server.
I can clearly say that you haven't tested it yet.
Title: Re: My Account System v0.1 Beta
Post by: [VM_U]Spectra.PhantoM^ on Apr 15, 2016, 05:07 AM
Quote from: KAKAN on Apr 15, 2016, 05:00 AM
local y = QuerySQL(DB, "SELECT Level FROM PlayerAccount WHERE Name='" + player.Name + "'" );
if ( y <= 0 ) MessagePlayer("Hello and welcome to the server.
I can clearly say that you haven't tested it yet.
oh plz thats false i did dis
if ( y <= 0 ) MessagePlayer("Hello and welcome to the server. Please /register to register in the server", player);
else if ( y >= 0 ) MessagePlayer("Welcome Back. Please /login to continue", player);
Title: Re: My Account System v0.1 Beta
Post by: . on Apr 15, 2016, 05:22 AM
AFAIK, QuerySQL() returns a user pointer if the operation succeeded or null if it failed. And treating that user pointer or null value as an integer might not be the best idea.

But the real issue is not releasing that statement result which is considered a memory leak. And therefore, on a fast track to a crash depending on how much memory that eats.

Secondly, the code is totally exposed to SQL Injection (https://en.wikipedia.org/wiki/SQL_injection) from anyone with a bit of SQL knowledge. The only thing that saves you is the fact that VCMP itself cleans up the user name a bit. But you should never rely on that for something this critical.

The rest of the code is pure nonsense and should not be given to new users as a sample script from which they can learn. Why? Because there's absolutely no safety implemented into this script. Any user can execute arbitrary code on the server with the "exec" command. Therefore anyone can do something like "/exec QuerySQL(DB, "DROP TABLE [PlayerAccount]");" or worse.

This script is not about an account system. This is just a list of all available server events and a few failed commands.

My recommendation to new users? Run from this script!
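
The three points raised in the post above (null result, unreleased query, string-built SQL), shown as a hardened join handler. This is an added example, not code from the thread or from the original script; it assumes the VC-MP Squirrel SQLite functions `escapeSQLString` and `FreeSQLQuery` are available alongside `QuerySQL` and `GetSQLColumnData`, that `DB` is an open database handle, and that `QuerySQL` also yields null when no row matches. `GetAccountLevel` is a hypothetical helper name.

```squirrel
// Added example (not from the thread). DB is assumed to be an open handle.

// Hypothetical helper: returns the stored Level, or null when the
// player has no account row or the query failed.
function GetAccountLevel( name )
{
    // Escape quote characters ourselves instead of relying on the
    // server's nickname clean-up to keep the statement intact.
    local safe = escapeSQLString( name );
    local q = QuerySQL( DB, "SELECT Level FROM PlayerAccount WHERE Name='" + safe + "'" );

    // The result is a handle or null, never a number, so compare
    // against null rather than using <= 0.
    if ( q == null ) return null;

    local level = GetSQLColumnData( q, 0 );

    // Release the statement result before returning; skipping this
    // on every join is the leak described in the post above.
    FreeSQLQuery( q );
    return level;
}

function onPlayerJoin( player )
{
    Message( player.Name + " Connected" );

    local level = GetAccountLevel( player.Name );
    if ( level == null )
        MessagePlayer( "Hello and welcome to the server. Please /register to register in the server", player );
    else
        MessagePlayer( "Welcome Back. Please /login to continue", player );
}
```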
Title: Re: My Account System v0.1 Beta
Post by: [VM_U]Spectra.PhantoM^ on Apr 15, 2016, 05:50 AM
Quote from: . on Apr 15, 2016, 05:22 AM
AFAIK, QuerySQL() returns a user pointer if the operation succeeded or null if it failed. And treating that user pointer or null value as an integer might not be the best idea.

But the real issue is not releasing that statement result which is considered a memory leak. And therefore, on a fast track to a crash depending on how much memory that eats.

Secondly, the code is totally exposed to SQL Injection (https://en.wikipedia.org/wiki/SQL_injection) from anyone with a bit of SQL knowledge. The only thing that saves you is the fact that VCMP itself cleans up the user name a bit. But you should never rely on that for something this critical.

The rest of the code is pure nonsense and should not be given to new users as a sample script from which they can learn. Why? Because there's absolutely no safety implemented into this script. Any user can execute arbitrary code on the server with the "exec" command. Therefore anyone can do something like "/exec QuerySQL(DB, "DROP TABLE [PlayerAccount]");" or worse.

This script is not about an account system. This is just a list of all available server events and a few failed commands.

My recommendation to new users? Run from this script!
Im sorry bout that. anywayz updated.
Title: Re: My Account System v0.1 Beta
Post by: DizzasTeR on Apr 15, 2016, 06:01 AM
Updated? I don't see anything making this "broken" code a script.
Title: Re: My Account System v0.1 Beta
Post by: Xmair on Apr 15, 2016, 07:26 AM
Untested.
function onPlayerJoin( player )
{
    Message(""+player.Name+" Connected");
    local q = QuerySQL(DB, "SELECT Level FROM PlayerAccount WHERE Name='" + player.Name + "'" ),y = GetSQLColumnData( q, 0 );
    if ( y <= 0 ) MessagePlayer("Hello and welcome to the server. Please /register to register in the server", player);
    else if ( y >= 0 ) MessagePlayer("Welcome Back. Please /login to continue", player);
}
Title: Re: My Account System v0.1 Beta
Post by: Fuzzie on Apr 15, 2016, 08:43 AM
No indentation, (OMG ARE YOU BLOODY SERIOUS???)



function onPlayerJoin( player )
{
Message(""+player.Name+" Connected");
local y = QuerySQL(DB, "SELECT Level FROM PlayerAccount WHERE Name='" + player.Name + "'" );
if ( y <= 0 ) MessagePlayer("Hello and welcome to the server. Please /register to register in the server", player);
else if ( y >= 0 ) MessagePlayer("Welcome Back. Please /login to continue", player);
}

What? We all know that y will never be equal to 0, but if y is 0, your script still wouldn't work properly. Go figure...



QuerySQL(DB, "SELECT Level FROM PlayerAccount WHERE Name='" + player.Name + "'" );
I don't know about you guys, but I find using `table_name` more secure in potentially conflicting names.



function onPlayerPart( player, reason )
{
Message(""+player.Name+" left the server.");
SaveStats(player);
}

function SaveStats(player)
{
QuerySQL(DB, "UPDATE PlayerAccount SET Level=" + stats[ player.ID ].Level + "" );
}

What? Useless function is useless...



else if (cmd == "register")
{
...
local Password = text;
local lvl = 1;
...
}

else if (cmd == "login")
{
...
local Pass = text;
...
}

What? Useless variables are useless...



class PlayerClass
{
Level = 0
}

What? This is supposed to be a useful class but it was made useless. Useless class is useless.



I don't know if it's possible, but my suggestion would be to lock this topic and remove the download link until the author of this script can fix and test it properly.
Title: Re: My Account System v0.1 Beta
Post by: KAKAN on Apr 15, 2016, 09:04 AM
Quote from: Fuzzie on Apr 15, 2016, 08:43 AM
I don't know if it's possible, but my suggestion would be to lock this topic and remove the download link until the author of this script can fix and test it properly.
It's possible and that's the right thing to be done. Your script is far better. He just copied your script and made it look shitty, because the newbies( like him ) lack experience in OOP
Title: Re: My Account System v0.1 Beta
Post by: . on Apr 15, 2016, 10:35 AM
Quote from: KAKAN on Apr 15, 2016, 09:04 AM
...because the newbies( like him ) lack experience in OOP

You too lack experience in OOP. In fact you don't even know what OOP is, other than the fact that it involves classes. But when it comes to the actual concept, I don't think I've ever seen any piece of code on this forum that makes use of OOP. And just because you define a class with a few member variables doesn't mean you're using OOP. In fact, what you're doing is simply using a class for something that can be solved with a table. But since they're both the same thing who would know to make the difference.

So don't claim that he or anyone else is a "newbie" when you're nearly in the same category as him, except with a little more glitter on you.
Title: Re: My Account System v0.1 Beta
Post by: KAKAN on Apr 15, 2016, 12:33 PM
Quote from: . on Apr 15, 2016, 10:35 AM
Quote from: KAKAN on Apr 15, 2016, 09:04 AM
...because the newbies( like him ) lack experience in OOP

You too lack experience in OOP. In fact you don't even know what OOP is, other than the fact that it involves classes. But when it comes to the actual concept, I don't think I've ever seen any piece of code on this forum that makes use of OOP. And just because you define a class with a few member variables doesn't mean you're using OOP. In fact, what you're doing is simply using a class for something that can be solved with a table. But since they're both the same thing who would know to make the difference.

So don't claim that he or anyone else is a "newbie" when you're nearly in the same category as him, except with a little more glitter on you.
Then what's OOP? Explain pl0x. I thought the initialized classes or objects were the OOP thing
Title: Re: My Account System v0.1 Beta
Post by: Fuzzie on Apr 15, 2016, 02:27 PM
Quote from: vito on Apr 15, 2016, 01:44 PM
Quote from: KAKAN on Apr 15, 2016, 12:33 PM
Then what's OOP? Explain pl0x. I thought the initialized classes or objects were the OOP thing
private and public methods, interfaces, inheritance, factories. a lot of stuff to organize code to be flexible.
actually it's not needed to vc-mp.
This whole OOP thing is a bit off topic. Here is my opinion on this. While you can script without the need for OOP in VC:MP, that doesn't mean it's not needed. As a matter of fact, the only reason why OOP is not that prominent in VC:MP is down to the fact that the scripters themselves don't know how to take advantage of this to create bigger and better servers.

Edit: Just remembered that Squirrel also lacks abstract classes and interfaces. It can be overcome with clever techniques though and can still work. *cough*Javascript*cough*
Title: Re: My Account System v0.1 Beta
Post by: KAKAN on Apr 15, 2016, 04:23 PM
off:
Quote from: vito on Apr 15, 2016, 01:44 PM
Quote from: KAKAN on Apr 15, 2016, 12:33 PM
Then what's OOP? Explain pl0x. I thought the initialized classes or objects were the OOP thing
private and public methods, interfaces, inheritance, factories. a lot of stuff to organize code to be flexible.
I'm quite familiar with 'em. I have used them in Java.

Quote from: vito on Apr 15, 2016, 03:25 PM
I use it only in php for websites.
Most of the time, you don't need to do OOP in PHP. Though, I prefer OOP in many cases( Database handling etc )

Quote from: vito on Apr 15, 2016, 03:25 PM
Can you show example how to use it based on this topic in specific script we talking about here? (I mean OP's script). Thanks.
I want the example too.
Title: Re: My Account System v0.1 Beta
Post by: DizzasTeR on Apr 15, 2016, 04:35 PM
Off-Topic: Just read the squirrel documentation and you will see everything.
Title: Re: My Account System v0.1 Beta
Post by: kennedyarz on Apr 15, 2016, 08:10 PM
porque si quiere colocar el sistema de registro no agregar solo lo de fuziess? el cambio solo seria que le incorpores las funciones del server en blanco de seby y listo. funciona perfectamente. suerte :)
Title: Re: My Account System v0.1 Beta
Post by: KAKAN on Apr 16, 2016, 08:17 AM
Quote from: kennedyarz on Apr 15, 2016, 08:10 PM
porque si quiere colocar el sistema de registro no agregar solo lo de fuziess? el cambio solo seria que le incorpores las funciones del server en blanco de seby y listo. funciona perfectamente. suerte :)
WHAT?
Title: Re: My Account System v0.1 Beta
Post by: Cena on Apr 16, 2016, 04:04 PM
Quote from: KAKAN on Apr 16, 2016, 08:17 AM
Quote from: kennedyarz on Apr 15, 2016, 08:10 PM
porque si quiere colocar el sistema de registro no agregar solo lo de fuziess? el cambio solo seria que le incorpores las funciones del server en blanco de seby y listo. funciona perfectamente. suerte :)
WHAT?
He says:
because if you want to place the registration system not only add it to fuziess? the only change would be that you incorporate the functions of the server seby blank and ready. it works perfectly. luck :) btw it's Spanish
Title: Re: My Account System v0.1 Beta
Post by: KAKAN on Apr 16, 2016, 04:58 PM
Quote from: Cena on Apr 16, 2016, 04:04 PM
Quote from: KAKAN on Apr 16, 2016, 08:17 AM
Quote from: kennedyarz on Apr 15, 2016, 08:10 PM
porque si quiere colocar el sistema de registro no agregar solo lo de fuziess? el cambio solo seria que le incorpores las funciones del server en blanco de seby y listo. funciona perfectamente. suerte :)
WHAT?
He says:
because if you want to place the registration system not only add it to fuziess? the only change would be that you incorporate the functions of the server seby blank and ready. it works perfectly. luck :) btw it's Spanish
I don't mean that. This is an official forum, and everyone should talk in English, as most of us understand English, and also it would be useful for some guys who are in a hurry for something. That would not be a pain for him to use the translator before posting.
Title: Re: My Account System v0.1 Beta
Post by: kennedyarz on May 01, 2016, 06:02 PM
better to use this method hope it will run because not is that doing this :/
http://s000.tinyupload.com/?file_id=07983776343952031332
Title: Re: My Account System v0.1 Beta
Post by: Anik on May 05, 2016, 09:41 AM
Quote
function SaveStats(player)
{
QuerySQL(DB, "UPDATE PlayerAccount SET Level=" + stats[ player.ID ].Level + "" );
}
didnt even create an array and used that.... lol
Title: Re: My Account System v0.1 Beta
Post by: . on May 05, 2016, 02:21 PM
Can someone lock this sh!t?
Title: Re: My Account System v0.1 Beta
Post by: Thijn on May 05, 2016, 02:22 PM
Most certainly.