Jump to content

Recommended Posts

Posted (edited)

Problema intalnita: In primul rand salutari SA:MP Romania.Problema este ca am pus sa se cripteze parola la inregistrare iar la login imi zice parola incorecta.Este prima oara cand incerc sa fac asa ceva(am incercat sa rezolv singur...).Folosesc HASH simplu(asa cred ca se spune).

Linii / script-uri:

public OnPlayerRegister(playerid, password[])
{
	if(IsPlayerConnected(playerid))
	{
		new playername3[MAX_PLAYER_NAME];
		GetPlayerName(playerid, playername3, sizeof(playername3));
		new Str[200];
	    new qstr[256];
		new MyHash[256];
	    SHA256_PassHash(password, "78sdjs86d2h", MyHash, sizeof(MyHash));
	    format(qstr,100,"SELECT * FROM users WHERE `name`='%s' AND `password`='%s'",playername2,MyHash);
		strmid(PlayerInfo[playerid][pKey], password, 0, strlen(password), 255);
		PlayerInfo[playerid][pCash] = GetPlayerCash(playerid);
		PlayerInfo[playerid][pCarLic] = 1;
		PlayerInfo[playerid][pCarLicT] = 10;
	    GetPlayerHealthEx(playerid,PlayerInfo[playerid][pHealth]);

Ia la login:

public OnPlayerLogin(playerid,password[])
{
	new playername2[MAX_PLAYER_NAME];
    GetPlayerName(playerid, playername2, sizeof(playername2));
    GameTextForPlayer(playerid, "~w~Se incarca...~n~~y~Se verifica parola", 700, 3);
    new playerip[16];
/*	GetPlayerIp(playerid,playerip,sizeof(playerip));
	if(NumIp(playerip, playerid) >= 3 && !IsBotOnIP(playerip))
	{
 		SendClientMessage(playerid, COLOR_LIGHTRED, "There are already 2 players connected with same IP.");
 		Kick(playerid);
 		return 1;
	}
*/
    new qstr[256];
	new MyHash[256];
    SHA256_PassHash(password, "78sdjs86d2h", MyHash, sizeof(MyHash));
    format(qstr,100,"SELECT * FROM users WHERE `name`='%s' AND `password`='%s'",playername2,MyHash);
    new Cache: pass = mysql_query(SQL,qstr);

Daca ma poate ajuta cineva va rog frumos?Stiu ca e simplu...dar nu-mi dau seama ce am gresit...(in baza se salveaza parola criptat).

Folosesc gamemode bigzone(scuze daca fac reclama).

Multumesc anticipat.

Edited by rpg

giphy.gif.418e22646746f7065f229917bd9fae15.gif

Posted (edited)

 

Quote

Description:

Hashes a password using the SHA-256 hashing algorithm. Includes a salt. The output is always 256 bytes in length, or the equivalent of 64 Pawn cells.

Modifica MyHash[256] in MyHash[65] si vezi daca merge.

Edited by CritteR
Posted
// 16 random characters from 33 to 126 (in ASCII) for the salt
		for (new i = 0; i < 16; i++) PlayerInfo[playerid][pSalt][i] = random(94) + 33;
		SHA256_PassHash(password, PlayerInfo[playerid][pSalt], PlayerInfo[playerid][pKey], 65);
		new Str[200];
		mysql_format(SQL,Str,sizeof(Str),"INSERT INTO `users` (`name`,`password`,`salt`) VALUES ('%e','%e','%e')",playername3,PlayerInfo[playerid][pKey],PlayerInfo[playerid][pSalt]);
		mysql_tquery(SQL,Str,"SqlInsertSID","i",playerid);

Eu unu am facut asa la OnPlayerRegister, apropo, la Register nu trebuie sa selectezi , trebuie sa inserezi

 

new hashed_pass[65];
	SHA256_PassHash(password, PlayerInfo[playerid][pSalt], hashed_pass, 65);
	mysql_format(SQL,qstr,sizeof(qstr),"SELECT * FROM users WHERE `name`='%e' AND `password`='%e'",playername2,hashed_pass);
	result = mysql_query(SQL,qstr,true);
	rows = cache_get_row_count(SQL);
	if(rows > 0)
	{
		//Aici incarci datele
 	}
new Cache:csalt,squery[128];
	mysql_format(SQL, squery, sizeof(squery), "SELECT `salt` FROM `users` WHERE `name` = '%e'", GetNameEx(playerid));
	csalt = mysql_query(SQL, squery,true);
	if(cache_num_rows() > 0)
	{
		cache_get_field_content(0, "salt", PlayerInfo[playerid][pSalt], SQL,17);
	}
	cache_delete(csalt, SQL);

Iar asta la OnPlayerConnect , pe la inceput ar fi ok , ca sa incarci salt-ul playerului pentru al folosi la Login

 

Ideea de a folosi un salt static nu e cea mai ok , fiecare jucator ar trebui sa aibe salt unic precum vezi la OnPlayerRegister-ul meu opinia mea

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. For more details you can also review our Terms of Use and Privacy Policy.