Ayanami Posted June 13, 2010 Share Posted June 13, 2010 Hello folks, I've got an MTA server set up along with a MySQL server. The database contains a table named Account, where the user data is stored (e.g. Username, Password...). Next, my login requests the user to enter his username and his password. Then it tries to fetch the correct password of the respective username from the database in order to compare it with the password that has been entered. Unfortunately, although the database connection is established, the query always returns nil: ERROR: ...-1.0.3/mods/deathmatch/resources/u_login/login_s.lua:21: bad argument #1 to 'mysql_fetch_field' (LuaBook.mysqlResult expected, got nil) (In the code snippet below, this is line 11.) I would really like to do more research on this matter myself since it's kind of a basic problem; but I was unable to find much documentation or even better a tutorial on the mysql "add-in". Any suggestions on the problem or documentation references would be greatly appreciated function evaluateLogin(enteredUsername, enteredPassword) outputChatBox("Login auswerten: " .. enteredUsername .. "//" .. enteredPassword) handler = mysql_connect("localhost", "[color=#FF8000]<myUser>[/color]", "[color=#FF8000]<myPwd>[/color]", "mta") sqlresult = mysql_query(handler, "SELECT Password from Account WHERE Username=" .. enteredUsername) if sqlresult then mysql_free_result(sqlresult) end result = mysql_fetch_field(sqlresult) outputChatBox(result[0]) end Link to comment
dzek (varez) Posted June 13, 2010 Share Posted June 13, 2010 if sqlresult then mysql_free_result(sqlresult) end result = mysql_fetch_field(sqlresult) so first, you are freeing/destroying it, THEN you want to read it.. nice.. btw: mysql_fetch_assoc -- much better -- see: [url=https://wiki.multitheftauto.com/wiki/Modules/MTA-MySQL/mysql_fetch_assoc]https://wiki.multitheftauto.com/wiki/Modules/MTA- ... etch_assoc[/url] Link to comment
Ayanami Posted June 13, 2010 Author Share Posted June 13, 2010 Good point, but I commented the "free" command out with the same result I am not quite sure whether the "free" command just frees up some memory leftovers, or if it actually erases the content of my variable...as I said these are basic things, but I cannot find a documentation anywhere Concerning fetch_assoc - I'll try that tomorrow. Thanks in advance... Link to comment
dzek (varez) Posted June 13, 2010 Share Posted June 13, 2010 hell, wait.. you know anything about mysql? sqlresult = mysql_query(handler, "SELECT Password from Account WHERE Username=" .. enteredUsername) -- so example query will be -- SELECT Password from Account WHERE Username=bla -- you have to put your username in single quotes -> ' -- and read about MySQL Injection - your code is vurnelable to SQL Injections !!!!!!!!! -- more: -- [url=https://wiki.multitheftauto.com/wiki/Modules/MTA-MySQL/mysql_escape_string]https://wiki.multitheftauto.com/wiki/Modules/MTA- ... ape_string[/url] Link to comment
Ayanami Posted June 14, 2010 Author Share Posted June 14, 2010 That was helpful, thanks a lot. Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now