Logging in

[Karuzo]

Hey Guys,

i have a few questions about SQLite and Logging in.

So lets say i have created a accounts table with dbQuery.

And want to insert the password and the username the player entered.

ok so i did that.

But what can i do after that ? So i know that the player is Logged in.

I don't want to use the logIn function.

How can i check if he is logged in.

With Element Datas ?

Thank you for your coming help.

[Castillo]

You can use element data, yes.

[Karuzo]

So lets say,

he clicks on Login, i Select from the table his Name&Password, and if they were right, i give him a element data ?

And

How do i check if a username/password already exists ?

[Castillo]

Use a "SELECT" query.

[DNL291]

How do i check if a username/password already exists ?

getAccount

[Castillo]

He's not using the MTA account system.

[Karuzo]

Why doesn't this work ?

It just doesn't put the username and the password in the columns.

  
function register_func ( player, username, password) 
        local acc = dbQuery(connect,"INSERT INTO accounts(name, password) VALUES (username, password)") 
        local acce =  getAccount(username) 
        if acc then 
                setElementData(player, "Registered",true) 
                outputChatBox("Du hast dich erfolgreich registriert! Name:  " .. username.. " Passwort:  " ..password,player,0,125,0) 
                triggerClientEvent(player,"closeLoginPanel",player) 
        else 
                outputChatBox("Error 404: Benachrichtige den Administrator!!!",player,125,0,0) 
        end 
end 
addEvent("RegRequest",true) 
addEventHandler("RegRequest",getRootElement(),register_func) 

[Castillo]

dbQuery(connect,"INSERT INTO accounts(name, password) VALUES (username, password)") 

1: Use dbExec for INSERT queries.

2: That query is wrong, it should be:

dbExec ( connect, "INSERT INTO accounts ( name, password ) VALUES ( ?, ? )", username, password ) 

[Karuzo]

Oh thank you , didn't knew that.

And what about the SELECT Query ?

I want to get the username and the password to compare it with the acc.

  
function login_func ( player, username, password) 
        local acc = dbQuery(connect, "SELECT username password FROM accounts") 
        if (username and password) == acc then 
                setElementData(player, "LoggedIN",true) 
                outputChatBox("Du hast dich erfolgreich eingeloggt!",player,0,125,0) 
                outputChatBox("Willkommen zurück,  "..string.gsub ( getPlayerName ( player ), '#%x%x%x%x%x%x', '' ),player,0,125,0) 
                triggerClientEvent(player,"closeLoginPanel",player) 
        else 
                outputChatBox("Error 404 : Dein Benutzername oder dein Passwort ist falsch!",player,125,0,0) 
        end 
end 
addEvent("LoginRequest",true) 
addEventHandler("LoginRequest",getRootElement(),login_func) 

[Castillo]

function login_func ( player, username, password) 
    local query = dbQuery ( connect, "SELECT username, password FROM accounts WHERE username = ?", username ) 
    if ( query ) then 
        local data, rows = dbPoll ( query, -1 ) 
        if ( rows == 1 ) then 
            if ( data [ 1 ].password == password ) then 
                setElementData ( player, "LoggedIN", true ) 
                outputChatBox ( "Du hast dich erfolgreich eingeloggt!",player, 0, 125, 0 ) 
                outputChatBox ( "Willkommen zurück,  "..string.gsub ( getPlayerName ( player ), '#%x%x%x%x%x%x', '' ), player, 0, 125, 0 ) 
                triggerClientEvent ( player, "closeLoginPanel", player ) 
            end 
        end 
    else 
        outputChatBox("Error 404 : Dein Benutzername oder dein Passwort ist falsch!",player,125,0,0) 
    end 
end 
addEvent ( "LoginRequest", true ) 
addEventHandler ( "LoginRequest", getRootElement(), login_func ) 

P.S: You should encrypt the passwords with sha256.

[Karuzo]

Thank you!

Works perfectly.

How can i read out the passwords if they were encrypted ?

[Castillo]

You encrypt what the client sent and compare it with the saved password.

[Karuzo]

Ah ok, now i understand it.

Thank you

[Citizen]

if (username and password) == acc then 

Hahaha, sorry but were you drunk when you made this ?

dbQuery(connect, "SELECT username password FROM accounts") 

Doesn't returns an account at all. It returns a query handler to be used in dbPoll then

local qh = dbQuery(connect, "SELECT * FROM accounts WHERE username='?' AND password='?'", username, password) 
local result = dbPoll( qh, -1 ) 
if result and #result == 1 then 
    --Good login and password since the query returned a result 
    local datas = result[1] 
    --datas is a table with all columns of the accounts table (but only with the datas of the player) 
    -- datas.username contains the username in the database 
else 
    -- Wrong login and/or password 
end 

Using dbPoll without a callback like I just did will freeze the server untill we got the table result (invisible on small queries).

EDIT: Damn it ! I should write faster ! I'm late again

[Karuzo]

if (username and password) == acc then 

Hahaha, sorry but were you drunk when you made this ?

Haha that could be.

No, just the first time i'm using sql functions.

But thank you for your reply, now it's more clear

[Citizen]

Np, in my code, the

if ( data [ 1 ].password == password ) then 

is done by the sql server that will process the query. If the password is wrong, then the sql server will returns no result.

And be carefull with big requests. Use a callback to prevent the possible freeze of your server.

[Karuzo]

Ok,

thank you (: