/login help with [LU]

Started by Mötley, Jul 12, 2016, 01:34 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Mötley

Jul 12, 2016, 01:34 PM
Okay I am about to head to work, but I put together a simple login command as well login function this morning but I feel that it could use some cleaning up/straighting up as well, There is nothing wrong that I can see of as well tested.

If anything the validation on the command at wrong password triggers even if the password is correct. So basically two wrong passwords the last on is correct you still get kicked,

Code Select
  if( cmd == "login" )
  {

         if( !text ){

            MessagePlayer( "Syntax Error!", Player );

            MessagePlayer( "Correct syntax: /login <password>", Player );

            return true;

         }

         if( LOGGED[Player.ID] == true ){

            MessagePlayer( "You are already logged in.", Player );

            return true;

         }

         if (!Login( Player, text, sqliteDB )) {
          if (LOGIN_ATTEMPTS[Player.ID] >= 2) {
               MessagePlayer( "Warning max login attempts are 3 you are at " + LOGIN_ATTEMPTS[Player.ID], Player );
          }
        }
         
         if (LOGIN_ATTEMPTS[Player.ID] == 3) {
           
             Message( Player.Name+" has been kicked for 3 unsuccessful login attempts");
           
             KickPlayer(Player);
           
             return true;

         }

   }

}
Code Select
function Login( player, password, sqliteDB ){

                local query = sqlite_query( sqliteDB, "SELECT Password, Cash, Bank, Kills, Deaths, Level, LastUsedIP FROM Accounts WHERE Name='" + player.Name + "'" );
if( ::sqlite_column_data( query, 0 ) == null ){

                       MessagePlayer( "You are not registered.", player );

}

if(( password ) != ::sqlite_column_data( query, 0 )) {

                        MessagePlayer( "Wrong password.", player );
                        LOGIN_ATTEMPTS[player.ID]++;
}

else{

MessagePlayer( "Successfully logged in.", player );
LOGGED[player.ID] = true;
                        return true;

}

}

Thijn

#1
Jul 12, 2016, 04:21 PM
I'm not going to help you until you decide to hash your passwords.

EK.IceFlake

#2
Jul 12, 2016, 05:28 PM
Well then it seems I have to help my friend xD
The code below is licensed
The license:
[spoiler](a) By using the code below, you agree that you will not execute the code on a machine running Windows XP.
(b) By using the code below, you agree that you will not use any portion of the code or the full code to assist you in building a nuclear bomb[/spoiler]
You need to move
Code Select
         if (LOGIN_ATTEMPTS[Player.ID] == 3) {
           
             Message( Player.Name+" has been kicked for 3 unsuccessful login attempts");
           
             KickPlayer(Player);
           
             return true;

         }
to inside
Code Select
         if (!Login( Player, text, sqliteDB )) {
          if (LOGIN_ATTEMPTS[Player.ID] >= 2) {
               MessagePlayer( "Warning max login attempts are 3 you are at " + LOGIN_ATTEMPTS[Player.ID], Player );
          }
        }
          Final result:
Code Select
         if (!Login( Player, text, sqliteDB )) {
         if (LOGIN_ATTEMPTS[Player.ID] == 3) {
           
             Message( Player.Name+" has been kicked for 3 unsuccessful login attempts");
           
             KickPlayer(Player);
           
             return true;

         }
          else if (LOGIN_ATTEMPTS[Player.ID] >= 2) {
               MessagePlayer( "Warning max login attempts are 3 you are at " + LOGIN_ATTEMPTS[Player.ID], Player );
          }
        }

Mötley

#3
Jul 12, 2016, 08:07 PM Last Edit: Jul 12, 2016, 09:01 PM by Mötley
I'm going to hash passwords Thijn, I just happened to not focus on that yet :P.

This morning I woke up and managed to have a really good coffee and did quite a bit of scripting, Thats when I put together this login command and added a function to keep the command system clean, also wanted to test a decently great login system to ensure I created the table right etc, After bug testing the system I noticed the invalid password attempts were off, worked but incorrect as the validations were off.
Thanks ext-d.CrystalBlue! I really appreciate that, I was thinking something similar, Now I can get another great cup of coffee and continue this interesting build ;). Really thank you!
:P Also did not encrypt passwords yet as I wanted to ensure the login fails were 100% correct.

Just needed to update the array as the max login attempts still recognize the 2. Perfection thanks.

Code Select
function Login( player, password, sqliteDB ){

        local query = sqlite_query( sqliteDB, "SELECT Password, Cash, Bank, Kills, Deaths, Level, LastUsedIP FROM Accounts WHERE Name='" + player.Name + "'" );
                if( ::sqlite_column_data( query, 0 ) == null ){

                       ::MessagePlayer( "You are not registered.", player );

                }

                 if(( password ) != ::sqlite_column_data( query, 0 )) {

                        ::MessagePlayer( "Wrong password.", player );
                        LOGIN_ATTEMPTS[player.ID]++;
                 }

                 else{

                        ::MessagePlayer( "Successfully logged in.", player );
                        LOGIN_ATTEMPTS[player.ID] = 0;
                        LOGGED[player.ID] = true;

                }

}
Print
Go Up Pages1
User actions