TFS 1.X+ IOLoginData::loginserverAuthentication

ForgottenNot · Jun 21, 2023

Hello I've editing this code a lot in order to access to my server using multiworld.
I use tfs 1.4
I can log in to the server but i can't laod character list. I've debugged things and such but don't know what else to do. Please help me
editing this code in order to laod charcter list properly

Lua:

bool IOLoginData::loginserverAuthentication(const std::string& name, const std::string& password, Account& account)
{
    Database& db = Database::getInstance();

    std::ostringstream query;
    //query << "SELECT `id`, `name`, `password`, `secret`, `type`, `premdays`, `lastday` FROM `accounts` WHERE `name` = " << db.escapeString(name);//original
    DBResult_ptr result = db.storeQuery(fmt::format(
        "SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = {:s}",
        db.escapeString(name)));
    //DBResult_ptr result = db.storeQuery(query.str()); //removido venia con original
    if (!result) {
        return false;
    }

    if (transformToSHA1(password) != result->getString("password")) {
        return false;
    }

    account.id = result->getNumber<uint32_t>("id");
    account.name = result->getString("name");
    account.key = decodeSecret(result->getString("secret"));
    account.accountType = static_cast<AccountType_t>(result->getNumber<int32_t>("type"));
    account.premiumEndsAt = result->getNumber<time_t>("premium_ends_at");


    #ifdef MULTIWORLD_SYSTEM
        query.str(std::string());
        //result = db.storeQuery(fmt::format("SELECT `name`, `deletion`, `world_id`, FROM `players` WHERE `account_id` = {:d} AND `deletion` = 0", account.id));
        result = db.storeQuery(fmt::format("SELECT `name`, `deletion`, `world_id` FROM `players` WHERE `account_id` = {:d} AND `deletion` = 0 ORDER BY `name` ASC", account.id));
        //query << "SELECT `name`, `deletion`, `world_id` FROM `players` WHERE `account_id` = " << account.id; //original
        result = db.storeQuery(query.str());
        if (result) {
            do {
                /*if (result->getNumber<uint64_t>("deletion") == 0)*/ {
                    Character character;
                    character.name = result->getString("name");
                    character.worldid = result->getNumber<uint16_t>("world_id");
                    account.characters.push_back(character);
                }
            } while (result->next());
        }
    #else
        query.str(std::string());
        //query << "SELECT `name`, `deletion` FROM `players` WHERE `account_id` = " << account.id;//original
        result = db.storeQuery(fmt::format("SELECT `name`  FROM `players` WHERE `account_id` = {:d} AND `deletion` = 0 ORDER BY `name` ASC", account.id));
        //result = db.storeQuery(query.str());
        if (result) {
            do {
                //if (result->getNumber<uint64_t>("deletion") == 0) {
                    account.characters.push_back(result->getString("name"));
                }
            } while (result->next());
            //std::sort(account.characters.begin(), account.characters.end());
        }
    #endif
    return true;
}

I've been editing the code and i've rcieved errors like these:

Code:

Error - mysql_store_result] Query: SELECT id, name, password, secret, type, premium_ends_at FROM accounts WHERE name = {:s}'5546102'
Message: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ':s}'5546102'' at line 1

Code:

[Error - mysql_real_query] Query:
Message: Query was empty
[Error - mysql_store_result] Query:
Message: Query was empty

NvSo · Jun 21, 2023

ForgottenNot said:

C++:

bool IOLoginData::loginserverAuthentication(const std::string& name, const std::string& password, Account& account)
{
    Database& db = Database::getInstance();

    std::ostringstream query;
    //query << "SELECT `id`, `name`, `password`, `secret`, `type`, `premdays`, `lastday` FROM `accounts` WHERE `name` = " << db.escapeString(name);//original
    DBResult_ptr result = db.storeQuery(fmt::format(
        "SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = {:s}",
        db.escapeString(name)));
    //DBResult_ptr result = db.storeQuery(query.str()); //removido venia con original
    if (!result) {
        return false;
    }

    if (transformToSHA1(password) != result->getString("password")) {
        return false;
    }

    account.id = result->getNumber<uint32_t>("id");
    account.name = result->getString("name");
    account.key = decodeSecret(result->getString("secret"));
    account.accountType = static_cast<AccountType_t>(result->getNumber<int32_t>("type"));
    account.premiumEndsAt = result->getNumber<time_t>("premium_ends_at");


    #ifdef MULTIWORLD_SYSTEM
        query.str(std::string());
        //result = db.storeQuery(fmt::format("SELECT `name`, `deletion`, `world_id`, FROM `players` WHERE `account_id` = {:d} AND `deletion` = 0", account.id));
        result = db.storeQuery(fmt::format("SELECT `name`, `deletion`, `world_id` FROM `players` WHERE `account_id` = {:d} AND `deletion` = 0 ORDER BY `name` ASC", account.id));
        //query << "SELECT `name`, `deletion`, `world_id` FROM `players` WHERE `account_id` = " << account.id; //original
        result = db.storeQuery(query.str());
        if (result) {
            do {
                /*if (result->getNumber<uint64_t>("deletion") == 0)*/ {
                    Character character;
                    character.name = result->getString("name");
                    character.worldid = result->getNumber<uint16_t>("world_id");
                    account.characters.push_back(character);
                }
            } while (result->next());
        }
    #else
        query.str(std::string());
        //query << "SELECT `name`, `deletion` FROM `players` WHERE `account_id` = " << account.id;//original
        result = db.storeQuery(fmt::format("SELECT `name`  FROM `players` WHERE `account_id` = {:d} AND `deletion` = 0 ORDER BY `name` ASC", account.id));
        //result = db.storeQuery(query.str());
        if (result) {
            do {
                //if (result->getNumber<uint64_t>("deletion") == 0) {
                    account.characters.push_back(result->getString("name"));
                }
            } while (result->next());
            //std::sort(account.characters.begin(), account.characters.end());
        }
    #endif
    return true;
}

try this:

C++:

bool IOLoginData::loginserverAuthentication(const std::string& name, const std::string& password, Account& account)
{
    Database& db = Database::getInstance();

    std::ostringstream query;
    query << "SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = '" << db.escapeString(name) << "'";
    DBResult_ptr result = db.storeQuery(query.str());
    if (!result) {
        return false;
    }

    if (transformToSHA1(password) != result->getString("password")) {
        return false;
    }

    account.id = result->getNumber<uint32_t>("id");
    account.name = result->getString("name");
    account.key = decodeSecret(result->getString("secret"));
    account.accountType = static_cast<AccountType_t>(result->getNumber<int32_t>("type"));
    account.premiumEndsAt = result->getNumber<time_t>("premium_ends_at");

#ifdef MULTIWORLD_SYSTEM
    query.str(std::string());
    query << "SELECT `name`, `deletion`, `world_id` FROM `players` WHERE `account_id` = " << account.id << " AND `deletion` = 0 ORDER BY `name` ASC";
    result = db.storeQuery(query.str());
    if (result) {
        do {
            Character character;
            character.name = result->getString("name");
            character.worldid = result->getNumber<uint16_t>("world_id");
            account.characters.push_back(character);
        } while (result->next());
    }
#else
    query.str(std::string());
    query << "SELECT `name` FROM `players` WHERE `account_id` = " << account.id << " AND `deletion` = 0 ORDER BY `name` ASC";
    result = db.storeQuery(query.str());
    if (result) {
        do {
            account.characters.push_back(result->getString("name"));
        } while (result->next());
    }
#endif
    return true;
}

i known its 1.4 but check if have include fmt format:

C++:

#include <fmt/format.h>

ForgottenNot · Jun 22, 2023

NvSo said:

try this:

C++:

bool IOLoginData::loginserverAuthentication(const std::string& name, const std::string& password, Account& account)
{
    Database& db = Database::getInstance();

    std::ostringstream query;
    query << "SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = '" << db.escapeString(name) << "'";
    DBResult_ptr result = db.storeQuery(query.str());
    if (!result) {
        return false;
    }

    if (transformToSHA1(password) != result->getString("password")) {
        return false;
    }

    account.id = result->getNumber<uint32_t>("id");
    account.name = result->getString("name");
    account.key = decodeSecret(result->getString("secret"));
    account.accountType = static_cast<AccountType_t>(result->getNumber<int32_t>("type"));
    account.premiumEndsAt = result->getNumber<time_t>("premium_ends_at");

#ifdef MULTIWORLD_SYSTEM
    query.str(std::string());
    query << "SELECT `name`, `deletion`, `world_id` FROM `players` WHERE `account_id` = " << account.id << " AND `deletion` = 0 ORDER BY `name` ASC";
    result = db.storeQuery(query.str());
    if (result) {
        do {
            Character character;
            character.name = result->getString("name");
            character.worldid = result->getNumber<uint16_t>("world_id");
            account.characters.push_back(character);
        } while (result->next());
    }
#else
    query.str(std::string());
    query << "SELECT `name` FROM `players` WHERE `account_id` = " << account.id << " AND `deletion` = 0 ORDER BY `name` ASC";
    result = db.storeQuery(query.str());
    if (result) {
        do {
            account.characters.push_back(result->getString("name"));
        } while (result->next());
    }
#endif
    return true;
}

i known its 1.4 but check if have include fmt format:

C++:

#include <fmt/format.h>

Hello

Hey i tested the code and while im trying to access to the character list i get this error in the console exe
lso in client it says thar password or account is wrong meanwhile i know the password its properly written

Lua:

>> Forgotten Server Online!

[Error - mysql_real_query] Query: SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = ''123123''
Message: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '123123''' at line 1
[Error - mysql_store_result] Query: SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = ''5546102''
Message: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '123123''' at line 1

NvSo · Jun 22, 2023

ForgottenNot said:

Hello

Hey i tested the code and while im trying to access to the character list i get this error in the console exe
lso in client it says thar password or account is wrong meanwhile i know the password its properly written

Lua:

>> Forgotten Server Online!

[Error - mysql_real_query] Query: SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = ''123123''
Message: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '123123''' at line 1
[Error - mysql_store_result] Query: SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = ''5546102''
Message: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '123123''' at line 1

Very strange, try as follows

C++:

bool IOLoginData::loginserverAuthentication(const std::string& name, const std::string& password, Account& account)
{
    Database& db = Database::getInstance();

    std::ostringstream query;
    query << "SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = '" << db.escapeString(name) << "'";
    DBResult_ptr result = db.storeQuery(query.str());
    if (!result) {
        return false;
    }

    if (transformToSHA1(password) != result->getString("password")) {
        return false;
    }

    account.id = result->getNumber<uint32_t>("id");
    account.name = result->getString("name");
    account.key = decodeSecret(result->getString("secret"));
    account.accountType = static_cast<AccountType_t>(result->getNumber<int32_t>("type"));
    account.premiumEndsAt = result->getNumber<time_t>("premium_ends_at");

#ifdef MULTIWORLD_SYSTEM
    query.str(std::string());
    query << "SELECT `name`, `deletion`, `world_id` FROM `players` WHERE `account_id` = " << account.id << " AND `deletion` = 0 ORDER BY `name` ASC";
    result = db.storeQuery(query.str());
    if (result) {
        do {
            Character character;
            character.name = result->getString("name");
            character.worldid = result->getNumber<uint16_t>("world_id");
            account.characters.push_back(character);
        } while (result->next());
    }
#else
    query.str(std::string());
    query << "SELECT `name` FROM `players` WHERE `account_id` = " << account.id << " AND `deletion` = 0 ORDER BY `name` ASC";
    result = db.storeQuery(query.str());
    if (result) {
        do {
            account.characters.push_back(result->getString("name"));
        } while (result->next());
    }
#endif
    return true;
}

ForgottenNot · Jun 22, 2023

NvSo said:

Very strange, try as follows

C++:

bool IOLoginData::loginserverAuthentication(const std::string& name, const std::string& password, Account& account)
{
    Database& db = Database::getInstance();

    std::ostringstream query;
    query << "SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = '" << db.escapeString(name) << "'";
    DBResult_ptr result = db.storeQuery(query.str());
    if (!result) {
        return false;
    }

    if (transformToSHA1(password) != result->getString("password")) {
        return false;
    }

    account.id = result->getNumber<uint32_t>("id");
    account.name = result->getString("name");
    account.key = decodeSecret(result->getString("secret"));
    account.accountType = static_cast<AccountType_t>(result->getNumber<int32_t>("type"));
    account.premiumEndsAt = result->getNumber<time_t>("premium_ends_at");

#ifdef MULTIWORLD_SYSTEM
    query.str(std::string());
    query << "SELECT `name`, `deletion`, `world_id` FROM `players` WHERE `account_id` = " << account.id << " AND `deletion` = 0 ORDER BY `name` ASC";
    result = db.storeQuery(query.str());
    if (result) {
        do {
            Character character;
            character.name = result->getString("name");
            character.worldid = result->getNumber<uint16_t>("world_id");
            account.characters.push_back(character);
        } while (result->next());
    }
#else
    query.str(std::string());
    query << "SELECT `name` FROM `players` WHERE `account_id` = " << account.id << " AND `deletion` = 0 ORDER BY `name` ASC";
    result = db.storeQuery(query.str());
    if (result) {
        do {
            account.characters.push_back(result->getString("name"));
        } while (result->next());
    }
#endif
    return true;
}

i receive a similar error in console

Lua:

[Error - mysql_real_query] Query: SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = ''5546102''
Message: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '5546102''' at line 1
[Error - mysql_store_result] Query: SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = ''5546102''
Message: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '5546102''' at line 1

and in client i get login error, acc or pass is wrong, meanwhile i know it's properly written

NvSo · Jun 22, 2023

ForgottenNot said:

i receive a similar error in console

Lua:

[Error - mysql_real_query] Query: SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = ''5546102''
Message: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '5546102''' at line 1
[Error - mysql_store_result] Query: SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = ''5546102''
Message: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '5546102''' at line 1

and in client i get login error, acc or pass is wrong, meanwhile i know it's properly written

if you look closely there is an error in the quotes "" that are being sent in the query

C++:

WHERE `name` = {:s}", db.escapeString(name)));

try that way i have not been able to test it locally. I will do it later.

important:

C++:

#include <fmt/format.h>

lursky · Jun 22, 2023

Just use FMT to format these queries like:

C++:

fmt::format("SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = {:s}", db.escapeString(name))

C++:

fmt::format( "SELECT `name`, `deletion`, `world_id` FROM `players` WHERE `account_id` = {:d} AND `deletion` = 0 ORDER BY `name` ASC", account.id)

ForgottenNot · Jun 22, 2023

NvSo said:
if you look closely there is an error in the quotes "" that are being sent in the query

C++:

WHERE `name` = {:s}", db.escapeString(name)));

try that way i have not been able to test it locally. I will do it later.

important:

C++:

#include <fmt/format.h>

pretty strange, i changed it to this

Lua:

bool IOLoginData::loginserverAuthentication(const std::string& name, const std::string& password, Account& account)
{
    Database& db = Database::getInstance();

    std::ostringstream query;
    query << "SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = '" << db.escapeString(name);

but i'm getting the same error

Code:

[Error - mysql_real_query] Query: SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = ''5546102'
Message: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '5546102'' at line 1
[Error - mysql_store_result] Query: SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = ''5546102'
Message: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '5546102'' at line 1

lursky · Jun 22, 2023

@ForgottenNot escapeString already wraps strings with 'value' so you can remove additionall ':

C++:

= " << db.escapeString(name);

NvSo · Jun 22, 2023

ForgottenNot said:

pretty strange, i changed it to this

Lua:

bool IOLoginData::loginserverAuthentication(const std::string& name, const std::string& password, Account& account)
{
    Database& db = Database::getInstance();

    std::ostringstream query;
    query << "SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = '" << db.escapeString(name);

but i'm getting the same error

Code:

[Error - mysql_real_query] Query: SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = ''5546102'
Message: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '5546102'' at line 1
[Error - mysql_store_result] Query: SELECT `id`, `name`, `password`, `secret`, `type`, `premium_ends_at` FROM `accounts` WHERE `name` = ''5546102'
Message: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '5546102'' at line 1

The problem you have is directly related to the Syntax you are using for the database query, it has nothing to do with the code, check how Quotes are being handled in MYSQL first. in order to send the query properly.

ForgottenNot · Jun 22, 2023

Now i have no errors in console i can access to the game, but can't load the character list it stays" in client connecting"
no errors in console, who could lend me a hand reviwing my commits?

TFS 1.X+ IOLoginData::loginserverAuthentication

ForgottenNot

Member

NvSo

NvSo is there!

ForgottenNot

Member

NvSo

NvSo is there!

ForgottenNot

Member

NvSo

NvSo is there!

lursky

Advanced OT User

ForgottenNot

Member

lursky

Advanced OT User

NvSo

NvSo is there!

ForgottenNot

Member

Similar threads