Player problem

dugasz1 · March 18, 2014

Hello! I have got some problem to define the player:

So there is a button when i click on it its trigger to server the login data (there is the player yet).

But when i make a query and its call back how can i call the player who click the button?

addEvent( "clientRequestLogin", true ) 
addEventHandler( "clientRequestLogin", getRootElement(),  
function ( username, password ) 
    --dbExec( theConnection,"SET NAMES utf8" )   
    dbQuery( loginCallback, theConnection, "SELECT * FROM users WHERE username = '"..username.."' AND password = '"..md5(password).."'" ) 
end ) 
  
function loginCallback ( qh ) 
    local result = dbPoll( qh, 0 ) 
    if #result == 1 then 
        outputChatBox ( "Üdvözlünk ".. result[1]['username'].." a szerveren!", --Here comes the player  ) 
        dbQuery( characterCallback, theConnection, "SELECT * FROM characters WHERE owner = '"..result[1]['username'].."'" ) 
    elseif #result == 0 then 
        outputChatBox ( "Hibás felhasználónév vagy jelszó!", --Here comes the player ) 
    end 
end

WhoAmI · March 18, 2014

Add parameter to loginCallback function ('player'). And then call this function giving player.

loginCallback ( player, qh )

and then

dbQuery ( loginCallback, source, ... )

Castillo · March 18, 2014

That query isn't really secure, it can lead to SQL injections.

dugasz1 · March 18, 2014

Add parameter to loginCallback function ('player'). And then call this function giving player.
loginCallback ( player, qh ) 
and then
dbQuery ( loginCallback, source, ... ) 

Thank you

That query isn't really secure, it can lead to SQL injections.

You mean it's can be simply hacked?

Edited March 18, 2014 by Guest

Castillo · March 18, 2014

Read about SQL injections, you should make your queries like this:

dbQuery ( "SELECT * FROM myTable WHERE account = ?", "Castillo" )

dugasz1 · March 24, 2014

I will check it. Thank you

dugasz1 · April 1, 2014

addEvent( "clientRequestLogin", true ) 
addEventHandler( "clientRequestLogin", getRootElement(),  
function ( username, password ) 
    dbQuery( loginCallback, source, theConnection, "SELECT * FROM users WHERE username = ? AND password = ?", username, md5(password) ) 
end ) 
  
function loginCallback ( thePlayer, qh ) 
    local result = dbPoll( qh, 0 ) 
    if #result == 1 then 
        outputChatBox ( "Üdvözlünk ".. result[1]['username'].." a szerveren!", thePlayer ) 
        dbQuery( characterCallback, thePlayer, theConnection, "SELECT * FROM characters WHERE owner = ?", result[1]['username'] ) 
    elseif #result == 0 then 
        outputChatBox ( "Hibás felhasználónév vagy jelszó!",  ) 
    end 
end

WhoAmI, do you see the problem? Because it isnt work and the console write "expected db-connection at arg 2.. ".

Or do somebody know the solution?

WhoAmI · April 1, 2014

Check this

addEvent( "clientRequestLogin", true ) 
addEventHandler( "clientRequestLogin", getRootElement(), 
function ( username, password ) 
    dbQuery( loginCallback ( source ), theConnection, "SELECT * FROM users WHERE username = ? AND password = ?", username, md5(password) ) 
end ) 
  
function loginCallback ( thePlayer, qh ) 
    local result = dbPoll( qh, 0 ) 
    if #result == 1 then 
        outputChatBox ( "Üdvözlünk ".. result[1]['username'].." a szerveren!", thePlayer ) 
        dbQuery( characterCallback, thePlayer, theConnection, "SELECT * FROM characters WHERE owner = ?", result[1]['username'] ) 
    elseif #result == 0 then 
        outputChatBox ( "Hibás felhasználónév vagy jelszó!",  ) 
    end 
end

dugasz1 · April 1, 2014

I asked another hungarian scripter (image) he point on the problem :

dbQuery( loginCallback , { arg1, arg2,..}, theConnection, ....

Only the {} miss

Thank you the help too!

Sign In

Player problem

Recommended Posts

dugasz1

WhoAmI

Castillo

dugasz1

Castillo

dugasz1

dugasz1

WhoAmI

dugasz1

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members

Browse

Activity

MTA Network

Social Media