PDA

View Full Version : [Solved] Blanking out passwords.


CounterTDM
17/07/2015, 06:11 AM
Script used: http://forum.sa-mp.com/showthread.php?t=574714

Good morning all, I have setup a MySQL registration/login system as linked above which is working and in good order. For security purposes I am wanting the login field to blank out the characters entered for example;

How a password currently shows when entered;

http://i.gyazo.com/1bc2922c4f581b0da18fab68063c95b9.png

How I would like it to show when entered;

http://i.gyazo.com/1573c23c2b853de307e14ed0c8476669.png

The full filterscript is below;

#include <a_samp>
#include <a_mysql>

#define MYSQL_HOST "Blanked"
#define MYSQL_USER "Blankedt"
#define MYSQL_DATABASE "Blanked"
#define MYSQL_PASSWORD "Blanked"

enum
{
LoginDialog,
RegisterDialog
};

new
mysql;

native WP_Hash(buffer[], len, const str[]);

enum PlayerData
{
ID,
Name[MAX_PLAYER_NAME],
Password[129],
IP[16],
Admin,
VIP,
Money,
Float:posX,
Float:posY,
Float:posZ,
Float:posA
};

new Player[MAX_PLAYERS][PlayerData];

public OnGameModeInit()
{
mysql_log(LOG_ALL);
mysql = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_DATABASE, MYSQL_PASSWORD);
if(mysql_errno() != 0)
{
printf("[MySQL] The connection has failed.");
}
else
{
printf("[MySQL] The connection was successful.");
}
return true;
}

public OnPlayerConnect(playerid)
{
new
query[128],
playername[MAX_PLAYER_NAME];

GetPlayerName(playerid, playername, sizeof(playername));
mysql_format(mysql, query, sizeof(query), "SELECT `Password`, `ID` FROM `accounts` WHERE `Name` = '%e' LIMIT 1", playername);
mysql_tquery(mysql, query, "OnAccountCheck", "i", playerid);
return true;
}

forward OnAccountCheck(playerid);
public OnAccountCheck(playerid)
{
new
rows,
fields;
cache_get_data(rows, fields, mysql);

if(rows)
{
cache_get_field_content(0, "Password", Player[playerid][Password], mysql, 129);
Player[playerid][ID] = cache_get_field_content_int(0, "ID");
ShowPlayerDialog(playerid, LoginDialog, DIALOG_STYLE_INPUT, "Login", "Welcome player!\nYour account has been found in our database. Please fill in your password:", "Login", "Quit");
}
else
{
ShowPlayerDialog(playerid, RegisterDialog, DIALOG_STYLE_INPUT, "Register", "Welcome player!\nYour account has not been registered yet. Please fill in your desired password:", "Register", "Quit");
}
return true;
}

public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[])
{
switch(dialogid)
{
case LoginDialog:
{
if(!response) Kick(playerid);

new
hashpass[129],
query[100],
playername[MAX_PLAYER_NAME];

GetPlayerName(playerid, playername, sizeof(playername));
WP_Hash(hashpass, sizeof(hashpass), inputtext);
if(!strcmp(hashpass, Player[playerid][Password]))
{
mysql_format(mysql, query, sizeof(query), "SELECT * FROM `accounts` WHERE `Name` = '%e' LIMIT 1", playername);
mysql_tquery(mysql, query, "OnAccountLoad", "i", playerid);
}
else
{
SendClientMessage(playerid, -1, "You have specified an incorrect password!");
ShowPlayerDialog(playerid, LoginDialog, DIALOG_STYLE_INPUT, "Login", "Welcome player!\nYour account has been found in our database. Please fill in your password:", "Login", "Quit");
}
}
case RegisterDialog:
{
if(!response) return Kick(playerid);
if(strlen(inputtext) < 5)
{
SendClientMessage(playerid, -1, "Your password must at least contain more than 4 characters.");
return ShowPlayerDialog(playerid, RegisterDialog, DIALOG_STYLE_INPUT, "Register", "Welcome player!\nYour account has not been registered yet. Please fill in your desired password:", "Register", "Quit");
}
new
query[512],
playername[MAX_PLAYER_NAME],
playerip[16];


GetPlayerName(playerid, playername, sizeof(playername));
GetPlayerIp(playerid, playerip, sizeof(playerip));
WP_Hash(Player[playerid][Password], 129, inputtext);
mysql_format(mysql, query, sizeof(query), "INSERT INTO `accounts` (`Name`, `Password`, `IP`, `Admin`, `VIP`, `Money`, `PosX`, `PosY`, `PosZ`, `PosA`) VALUES ('%e', '%e', '%e', 0, 0, 0, 0.0, 0.0, 0.0, 0.0)", playername, Player[playerid][Password], playerip);
mysql_tquery(mysql, query, "OnAccountRegister", "i", playerid);
}
}
return false; // For filterscripts..
}

forward OnAccountLoad(playerid);
public OnAccountLoad(playerid)
{
Player[playerid][Admin] = cache_get_field_content_int(0, "Admin");
Player[playerid][VIP] = cache_get_field_content_int(0, "VIP");
Player[playerid][Money] = cache_get_field_content_int(0, "Money");
Player[playerid][posX] = cache_get_field_content_float(0, "PosX");
Player[playerid][posY] = cache_get_field_content_float(0, "PosY");
Player[playerid][posZ] = cache_get_field_content_float(0, "PosZ");
Player[playerid][posA] = cache_get_field_content_float(0, "PosA");

GivePlayerMoney(playerid, Player[playerid][Money]);
SendClientMessage(playerid, -1, "You have successfully logged in.");
return true;
}

forward OnAccountRegister(playerid);
public OnAccountRegister(playerid)
{
Player[playerid][ID] = cache_insert_id();
printf("[Registration] New account registered. Database ID: [%d]", Player[playerid][ID]);
return true;
}

public OnPlayerSpawn(playerid)
{
SetPlayerPos(playerid, Player[playerid][posX], Player[playerid][posY], Player[playerid][posZ]);
SetPlayerFacingAngle(playerid, Player[playerid][posA]);

return true;
}

public OnPlayerDisconnect(playerid, reason)
{
new
query[128],
Float:pos[4];

GetPlayerPos(playerid, pos[0], pos[1], pos[2]);
GetPlayerFacingAngle(playerid, pos[3]);

mysql_format(mysql, query, sizeof(query), "UPDATE `accounts` SET `Money` = %d, `PosX` = %f, `PosY` = %f, `PosZ` = %f, `PosA` = %f WHERE `ID` = %d",
GetPlayerMoney(playerid), pos[0], pos[1], pos[2], pos[3], Player[playerid][ID]);
mysql_tquery(mysql, query, "", "");

return true;
}

Thanks in advanced for all and any help!

rymax99
17/07/2015, 06:13 AM
Use 'DIALOG_STYLE_PASSWORD' instead of 'DIALOG_STYLE_INPUT'.

https://wiki.sa-mp.com/wiki/Dialog_Styles

CounterTDM
17/07/2015, 06:21 AM
Use 'DIALOG_STYLE_PASSWORD' instead of 'DIALOG_STYLE_INPUT'.

https://wiki.sa-mp.com/wiki/Dialog_Styles

Thank you very much, +Rep & Solved.