Graal Forums  

Go Back   Graal Forums > Development Forums > NPC Scripting
Reload this Page SQL Problem
FAQ Members List Calendar Today's Posts

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 10-13-2011, 07:18 AM
Gunderak Gunderak is offline
Coder
Gunderak's Avatar
Join Date: Jun 2011
Location: Australia
Posts: 795
Gunderak is on a distinguished road
SQL Problem
I am probably doing this horribly wrong, but I am really new to SQL and would appreciate ANY advice given.
Basically my aim is to make a login box.
I have made it, it works. BUT It only allows you to login to the LAST created Account and Password Row, it seems all others are ignored.
Here is the GUI I am using to login.

PHP Code:
findplayer("Graal780374").addweapon(name);
function onActionServerSide(){
if(params[0] == "Login"){
temp.req requestsql("SELECT * FROM Accounts"true);
for (temp.rowtemp.req.rows)
if(params[1] == temp.row.Account && params[2] == temp.row.Password){
player.chat "Sucessful Username Entered!";
}else{
player.chat "Failed Login!";
}
}
}
//#CLIENTSIDE
function onCreated() {
  new GuiWindowCtrl("Login_Window") {
    profile GuiBlueWindowProfile;
    clientrelative true;
    clientextent "154,124";

    canclose false;
    canmaximize false;
    canminimize false;
    canmove false;
    canresize true;
    closequery false;
    destroyonhide false;
    = (screenwidth/2) - (width/2);
    = (screenheight/2) - (height/2);
    alpha 1;

    new GuiTextCtrl("Login_Text") {
      profile GuiBlueTextProfile;
      height 20;
      text "Login";
      width 32;
      58;
      5;
    }
    new GuiTextCtrl("Account_Text") {
      profile GuiBlueTextProfile;
      height 20;
      text "Account";
      width 48;
      6;
      35;
    }
    new GuiTextCtrl("Password_Text") {
      profile GuiBlueTextProfile;
      height 20;
      text "Password";
      width 57;
      6;
      60;
    }
    new GuiTextEditCtrl("Account_TextEdit") {
      profile GuiBlueTextEditProfile;
      height 20;
      width 80;
      69;
      36;
      text "";
    }
    new GuiTextEditCtrl("Password_TextEdit") {
      profile GuiBlueTextEditProfile;
      height 20;
      width 80;
      69;
      61;
      text "";
    }
    new GuiButtonCtrl("Login_Button") {
      profile GuiBlueButtonProfile;
      text "Login";
      width 55;
      height 25;
      100;
      100;
    }
    new GuiButtonCtrl("Register_Button") {
      profile GuiBlueButtonProfile;
      text "Register";
      width 55;
      height 25;
      100;
      = -1;
    }
  }
}

function Login_Button.onAction() {
triggerserver("weapon"this.name"Login"Account_TextEdit.textPassword_TextEdit.text);
And here is what i am doing to create the tables, which DOES work.

PHP Code:
requestsql("CREATE TABLE Accounts (Account varchar not null default '' primary key, Password int not null default 1)"false);

requestsql("INSERT INTO Accounts VALUES ('Account', 'Password')"false);
requestsql("INSERT INTO Accounts VALUES ('Account2', 'Password2')"false);

temp.req requestsql("SELECT * FROM Accounts"true);
if (!temp.req.completed)
  waitfor(temp.req,"onReceiveData",60);
  
echo("Accounts in database: " temp.req.rows.size());
for (temp.rowtemp.req.rows)
echo("SQL:   "@temp.row.Account@"   "@temp.row.Password); 
As I stated i am probably doing it extremely wrong.
__________________

Gund for president.

Remote PM {P*}x (Graal813044) from eraiphone -> Stefan: I hav 1 qustion
*Gunderak: he hav 1
*Gunderak: qustion
Reply With Quote
  #2  
Old 10-13-2011, 08:22 AM
Mark Sir Link Mark Sir Link is offline
Kevin Azite
Mark Sir Link's Avatar
Join Date: Sep 2005
Posts: 1,489
Mark Sir Link is just really niceMark Sir Link is just really nice
Send a message via AIM to Mark Sir Link
because you're constantly cycling through all rows.

your query should be something like SELECT * FROM Accounts WHERE Account='"@params[1]@"'";

then if your returned rows array size is greater than one, you know the account exists.

then, if the password is correct, then it is valid.

However, this sort of password authentication on a server is usually pretty pointless since you should inherently trust the login of the player itself from Graal.

If it's to try to add an extra layer of security to staff tools, you can simply verify some additional right like player.hasrightflag("warptoxy") and that will verify that the staff member is logging in from a valid location as determined by their listed IP/PC ranges
Reply With Quote
  #3  
Old 10-13-2011, 08:49 AM
Gunderak Gunderak is offline
Coder
Gunderak's Avatar
Join Date: Jun 2011
Location: Australia
Posts: 795
Gunderak is on a distinguished road
Since I posted this i have been Googling away madly and have found out a little bit more so WHERE Account= would select the row that contains the account entered?
And I am mainly doing this as practise with SQL i plan to make a WHOLE system using it like Guns with ammo stored in SQL and pretty much everything.
Thanks for your help
__________________

Gund for president.

Remote PM {P*}x (Graal813044) from eraiphone -> Stefan: I hav 1 qustion
*Gunderak: he hav 1
*Gunderak: qustion
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +2. The time now is 07:33 PM.

Contact Us - Graal - Archive - Privacy Statement - Top

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2026, vBulletin Solutions Inc.
Copyright (C) 1998-2019 Toonslab All Rights Reserved.