Problema mysql injection

MAXYMUSS · December 1, 2015

Problema intalnita (descriere): La /changepass ( cred , dupa ce e folosita comanda asta vad ca apare problema , poate fi si de la altele )
Ero(area / rile) / warning-(ul / urile): -
Liniile de cod / sursa / script-ul(obligatoriu):

   if(dialogid == DIALOG_NEWPASS)
	{
		if(response)
    	{
	 		new length = strlen(inputtext);
			if(length == 0 || length > 15)
			{
				SendClientMessage(playerid, COLOR_WHITE, "Parola trebuie sa contina maximum 15 caractere.");
				ShowPlayerDialog(playerid, DIALOG_NEWPASS,DIALOG_STYLE_INPUT, "Change password:","Tasteaza noua parola:","Done","Close");
				return 1;
			}
	        if(strlen(inputtext) > 1 && strlen(inputtext) < 16)
			{
				new tmppass[64];
				mysql_real_escape_string(inputtext, tmppass);
				strmid(playerVariables[playerid][pPassword] , tmppass, 0, strlen(tmppass), 255);
				format(mortiimatii,sizeof(mortiimatii),"Parola schimbata cu succes! Noua ta parola este: {FFFFFF}%s{FFFF00}.",tmppass);
				SendClientMessage(playerid, COLOR_YELLOW,mortiimatii);
				new Str[240];
				format(Str,256,"UPDATE `playeraccounts` SET `playerPassword`='%s' WHERE `playerID`='%d'",inputtext, playerVariables[playerid][pInternalID]);
				mysql_tquery(handle,Str);
				return 1;
			}
			else
			{
			    ShowPlayerDialog(playerid, DIALOG_NEWPASS,DIALOG_STYLE_INPUT, "Change password:","Tasteaza noua parola:","Done","Close");
				return 1;
			}
		}
		return 1;
	}

Imagini / Video (optional): -
Ati incercat sa rezolvati singur?: am pus mysql_real_escape_string , am refacut comanda de 2-3 ori si nimic .

Va multumesc !

WiDuAlK · December 1, 2015

verificarea fa-o la nume gen

mysql_format(handle, string, sizeof(string), "UPDATE `conturi` SET `ceva` = '%d' WHERE `Name` = '%e'", ceva, GetName(playerid));

MAXYMUSS · December 2, 2015

Am modificat tot , am testat cum am stiut , cred ca ( si sigur ) am scapat de problema , iti multumesc !

WiDuAlK · December 2, 2015

Acum 1 oră, MAXYMUSS a spus:

Am modificat tot , am testat cum am stiut , cred ca ( si sigur ) am scapat de problema , iti multumesc !

Cu placere. Problem solved!

Sign In

Problema mysql injection

Question

MAXYMUSS

Link to comment

Share on other sites

3 answers to this question

Recommended Posts

WiDuAlK

Link to comment

Share on other sites

MAXYMUSS

Link to comment

Share on other sites

WiDuAlK

Link to comment

Share on other sites

Similar Content

Cerere sistem de salvare mysql.

Problema turf

Problema Wanted

Problema

problema string

Recently Browsing 0 members

Browse

Activity

Important Information