« [FilterScript] Map Editing Script
My Account System v0.1 Beta

[VM_U]Spectra.PhantoM^

  • Full Member
  • Posts: 109
My Account System v0.1 Beta
« on April 15th, 2016, 05:56 AM »Last edited on April 15th, 2016, 06:50 AM

Lemme know if there are any bugs.
Bug Fixes till now:
Exec Prob fixed.
Wanna Talk To Me? Come At Irc #[email protected]

KAKAN

  • Wiki Contributor
  • Posts: 3,343
Re: My Account System v0.1 Beta
« Reply #1, on April 15th, 2016, 06:00 AM »
Code: [Select]
local y = QuerySQL(DB, "SELECT Level FROM PlayerAccount WHERE Name='" + player.Name + "'" );
if ( y <= 0 ) MessagePlayer("Hello and welcome to the server.
I can clearly say that you haven't tested it yet.
You can contact me using Discord, at Developers.CPP( check off-board to find the invite link )
Github: https://github.com/theKAKAN

[VM_U]Spectra.PhantoM^

  • Full Member
  • Posts: 109
Re: My Account System v0.1 Beta
« Reply #2, on April 15th, 2016, 06:07 AM »
Quote from KAKAN on April 15th, 2016, 06:00 AM
Code: [Select]
local y = QuerySQL(DB, "SELECT Level FROM PlayerAccount WHERE Name='" + player.Name + "'" );
if ( y <= 0 ) MessagePlayer("Hello and welcome to the server.
I can clearly say that you haven't tested it yet.
oh plz thats false i did dis
Code: [Select]
if ( y <= 0 ) MessagePlayer("Hello and welcome to the server. Please /register to register in the server", player);
else if ( y >= 0 ) MessagePlayer("Welcome Back. Please /login to continue", player);
Wanna Talk To Me? Come At Irc #[email protected]

.

  • VC:MP Beta Tester
  • .
  • Posts: 1,806
Re: My Account System v0.1 Beta
« Reply #3, on April 15th, 2016, 06:22 AM »
AFAIK, QuerySQL() returns a user pointer if the operation succeeded or null if it failed. And treating that user pointer or null value as an integer might not be the best idea.

But the real issue is not releasing that statement result which is considered a memory leak. And therefore, on a fast track to a crash depending on how much memory that eats.

Secondly, the code is totally exposed to SQL Injection from anyone with a bit of SQL knowledge. The only thing that saves you is the fact that VCMP itself cleans up the user name a bit. But you should never rely on that for something this critical.

The rest of the code is pure nonsense and should not be given to new users as a sample script from which they can learn. Why? Because there's absolutely no safety implemented into this script. Any user and execute arbitrary code on the server with the "exec" command. Therefore anyone can do something like "/exec QuerySQL(DB, "DROP TABLE [PlayerAccount]");" or worse.

This script is not about an account system. This is just a list of all available server events and a few failed commands.

My recommendation to new users? Run from this script!
.

[VM_U]Spectra.PhantoM^

  • Full Member
  • Posts: 109
Re: My Account System v0.1 Beta
« Reply #4, on April 15th, 2016, 06:50 AM »
Quote from . on April 15th, 2016, 06:22 AM
AFAIK, QuerySQL() returns a user pointer if the operation succeeded or null if it failed. And treating that user pointer or null value as an integer might not be the best idea.

But the real issue is not releasing that statement result which is considered a memory leak. And therefore, on a fast track to a crash depending on how much memory that eats.

Secondly, the code is totally exposed to SQL Injection from anyone with a bit of SQL knowledge. The only thing that saves you is the fact that VCMP itself cleans up the user name a bit. But you should never rely on that for something this critical.

The rest of the code is pure nonsense and should not be given to new users as a sample script from which they can learn. Why? Because there's absolutely no safety implemented into this script. Any user and execute arbitrary code on the server with the "exec" command. Therefore anyone can do something like "/exec QuerySQL(DB, "DROP TABLE [PlayerAccount]");" or worse.

This script is not about an account system. This is just a list of all available server events and a few failed commands.

My recommendation to new users? Run from this script!
Im sorry bout that. anywayz updated.
Wanna Talk To Me? Come At Irc #[email protected]

DizzasTeR

  • VC:MP Beta Tester
  • Infinite loops defy infinity by overflowing memory
  • Posts: 1,149

Xmair

  • Wiki Contributor
  • Posts: 924
Re: My Account System v0.1 Beta
« Reply #6, on April 15th, 2016, 08:26 AM »
Untested.
Code: [Select]
function onPlayerJoin( player )
{
Message(""+player.Name+" Connected");
local q = QuerySQL(DB, "SELECT Level FROM PlayerAccount WHERE Name='" + player.Name + "'" ),y = GetSQLColumnData( q, 0 );
if ( y <= 0 ) MessagePlayer("Hello and welcome to the server. Please /register to register in the server", player);
else if ( y >= 0 ) MessagePlayer("Welcome Back. Please /login to continue", player);
}
VU Full Member | VCCNR Developer | KTB Developer | EAD Ex-Scripter

Fuzzie

  • Jr. Member
  • Posts: 83
Re: My Account System v0.1 Beta
« Reply #7, on April 15th, 2016, 09:43 AM »
No indentation, (OMG ARE YOU BLOODY SERIOUS???)



Code: [Select]
function onPlayerJoin( player )
{
Message(""+player.Name+" Connected");
local y = QuerySQL(DB, "SELECT Level FROM PlayerAccount WHERE Name='" + player.Name + "'" );
if ( y <= 0 ) MessagePlayer("Hello and welcome to the server. Please /register to register in the server", player);
else if ( y >= 0 ) MessagePlayer("Welcome Back. Please /login to continue", player);
}

What? We all know that y will never equal to 0 but if y is 0, your script still wouldn't properly work. Go figure...



Code: [Select]
QuerySQL(DB, "SELECT Level FROM PlayerAccount WHERE Name='" + player.Name + "'" );

I don't know about you guys, but I find using `table_name` more secure in potentially conflicting names.



Code: [Select]
function onPlayerPart( player, reason )
{
Message(""+player.Name+" left the server.");
SaveStats(player);
}

function SaveStats(player)
{
QuerySQL(DB, "UPDATE PlayerAccount SET Level=" + stats[ player.ID ].Level + "" );
}

What? Useless function is useless...



Code: [Select]
else if (cmd == "register")
{
...
local Password = text;
local lvl = 1;
...
}

Code: [Select]
else if (cmd == "login")
{
...
local Pass = text;
...
}

What? Useless variables are useless...



Code: [Select]
class PlayerClass
{
Level = 0
}

What? This is suppose to be a useful class but it was made useless. Useless class is useless.



I don't know if it's possible, but my suggestion would be to lock this topic and remove the download link until the author of this script can fix and test it properly.

KAKAN

  • Wiki Contributor
  • Posts: 3,343
Re: My Account System v0.1 Beta
« Reply #8, on April 15th, 2016, 10:04 AM »
Quote from Fuzzie on April 15th, 2016, 09:43 AM
I don't know if it's possible, but my suggestion would be to lock this topic and remove the download link until the author of this script can fix and test it properly.
It's possible and that's the right thing to be done. Your script is far more better. He just copied your script and made it look shitty, because the newbies( like him ) lack experience in OOP
You can contact me using Discord, at Developers.CPP( check off-board to find the invite link )
Github: https://github.com/theKAKAN

.

  • VC:MP Beta Tester
  • .
  • Posts: 1,806
Re: My Account System v0.1 Beta
« Reply #9, on April 15th, 2016, 11:35 AM »
Quote from KAKAN on April 15th, 2016, 10:04 AM
...because the newbies( like him ) lack experience in OOP
You too lack experience in OOP. In fact you don't even know what OOP is, other than the fact that it involves classes. But when it comes to the actual concept, I don't think I've ever seen any piece of code on this forum that makes use of OOP. And just because you define a class with a few member variables doesn't mean you're using OOP. In fact, what you're doing is simply using a class for something that can be solved with a table. But since they're both the same thing who would know to make the difference.

So don't claim that he or anyone else is a "newbie" when you're nearly in the same category as him, except with a little more glitter on you.
.

KAKAN

  • Wiki Contributor
  • Posts: 3,343
Re: My Account System v0.1 Beta
« Reply #10, on April 15th, 2016, 01:33 PM »Last edited on April 15th, 2016, 01:37 PM
Quote from . on April 15th, 2016, 11:35 AM
Quote from KAKAN on April 15th, 2016, 10:04 AM
...because the newbies( like him ) lack experience in OOP
You too lack experience in OOP. In fact you don't even know what OOP is, other than the fact that it involves classes. But when it comes to the actual concept, I don't think I've ever seen any piece of code on this forum that makes use of OOP. And just because you define a class with a few member variables doesn't mean you're using OOP. In fact, what you're doing is simply using a class for something that can be solved with a table. But since they're both the same thing who would know to make the difference.

So don't claim that he or anyone else is a "newbie" when you're nearly in the same category as him, except with a little more glitter on you.
Then what's OOP? Explain pl0x. I thought the initialized classes or objects were the OOP thing
You can contact me using Discord, at Developers.CPP( check off-board to find the invite link )
Github: https://github.com/theKAKAN

Fuzzie

  • Jr. Member
  • Posts: 83
Re: My Account System v0.1 Beta
« Reply #11, on April 15th, 2016, 03:27 PM »Last edited on April 15th, 2016, 03:31 PM
Quote from vito on April 15th, 2016, 02:44 PM
Quote from KAKAN on April 15th, 2016, 01:33 PM
Then what's OOP? Explain pl0x. I thought the initialized classes or objects were the OOP thing
private and public methods, interfaces, inheritance, factories. a lot of stuff to organize code to be flexible.
actually it's not needed to vc-mp.
This whole OOP thing is a bit off topic. Here is my opinion on this. While you can script without the need for OOP in VC:MP, that doesn't mean it's not needed. As a matter of fact, the only reason why OOP is not that prominent in VC:MP is down to the fact that the scripters themselves don't know how to take advantage of this to create bigger and better servers.

Edit: Just remembered that Squirrel also lack abstract classes and interfaces. It can be overcome with clever techniques though and can still work. *cough*Javascript*cough*

KAKAN

  • Wiki Contributor
  • Posts: 3,343
Re: My Account System v0.1 Beta
« Reply #12, on April 15th, 2016, 05:23 PM »
off:
Quote from vito on April 15th, 2016, 02:44 PM
Quote from KAKAN on April 15th, 2016, 01:33 PM
Then what's OOP? Explain pl0x. I thought the initialized classes or objects were the OOP thing
private and public methods, interfaces, inheritance, factories. a lot of stuff to organize code to be flexible.
I'm quite familiar with 'em. I have used them in Java.
Quote from vito on April 15th, 2016, 04:25 PM
I use it only in php for websites.
Most of the time, you don't need to do OOP in PHP. Though, I prefer OOP in many cases( Database handling etc )
Quote from vito on April 15th, 2016, 04:25 PM
Can you show example how to use it based on this topic in specific script we talking about here? (I mean OP's script). Thanks.
I want the example too.
You can contact me using Discord, at Developers.CPP( check off-board to find the invite link )
Github: https://github.com/theKAKAN

DizzasTeR

  • VC:MP Beta Tester
  • Infinite loops defy infinity by overflowing memory
  • Posts: 1,149
Re: My Account System v0.1 Beta
« Reply #13, on April 15th, 2016, 05:35 PM »
Off-Topic: Just read the squirrel documentation and you will see everything.

kennedyarz

  • Sr. Member
  • Making American Great Again
  • Posts: 334
Re: My Account System v0.1 Beta
« Reply #14, on April 15th, 2016, 09:10 PM »
porque si quiere colocar el sistema de registro no agregar solo lo de fuziess? el cambio solo seria que le incorpores las funciones del server en blanco de seby y listo. funciona perfectamente. suerte :)