I've done this some time ago (about 2 years i guess), i use it alot until now, works pretty fine (this is an old version and you can implement it as you wish, do not wait for me to support this).
Basically imports the native libmysql.dll functions and use them as done in the old C++ leaked source of TQ Digital.
Some people likes to use NHibernate, i hate it got many failures with it, so i use this instead.
This code is used as an extension to get the field names as they are done in your tables:
namespace GeniusAccServer.Structures
{
using GeniusMySQLCore.Structures;
using GeniusMySQLCore.Tables;
using GeniusNetwork.Interfaces;
using System;
using System.Text;
/// <summary>
/// Create a new instance to handle the account information sent by the client and registered at the server database.
/// </summary>
public sealed class Account
{
private string _name;
private string _password;
// The mysql record loaded from database.
private MySQLRecord _data;
/// <summary>
/// Create a new instance to handle the account information sent by the client and registered at the server database.
/// </summary>
/// <param name="szUsername">Username informed by the client when ask for connection</param>
/// <param name="szPassword">Password informed by the client when ask for connection, the value is encrypted by the client.</param>
public Account(string szUsername, string szPassword)
{
this._data = MySQLRecord.CreateNew("SELECT * FROM `zf_account` WHERE `name`='" + szUsername + "' LIMIT 1", "zf_account");
if(this._data)
{
// User does not exist, return it!
if (!this._data.MoveNext())
{
Console.WriteLine("Account {0} does not exists!", szUsername);
return;
}
// Assert the username and password used on login
this._name = szUsername;
this._password = szPassword;
}
}
/// <summary>
/// Account identity, server control only!
/// </summary>
public uint Identity { get { return _data.RowsCount() > 0 ? _data.LoadUInt32(ZfAccounts.Id) : 0; } }
/// <summary>
/// Account authority on server (is just a client, or is an super admin, or gm, or pm) this field may be validated on server side.
/// </summary>
public byte Authority { get { return (byte)(_data.RowsCount() > 0 ? _data.LoadByte(ZfAccounts.Authority) : 0); } }
/// <summary>
/// Account authentication type (banned, suspended or whatever).
/// </summary>
public byte AuthType { get { return (byte)(_data.RowsCount() > 0 ? _data.LoadByte(ZfAccounts.AuthType) : 0); } }
/// <summary>
/// check if the account password is encrypted on our database, if is not, encrypt it!
/// </summary>
public bool Encrypted { get { return Convert.ToBoolean(_data.RowsCount() > 0 ? _data.LoadByte(ZfAccounts.Seal) : 0); } }
/// <summary>
/// Account username used to authenticate the connection.
/// </summary>
public string Name { get { return _name; } }
/// <summary>
/// Account password used to authenticate the connection, it's encrypted by the client and encrypted server side.
/// </summary>
public string Password { get { return this._password; } }
/// <summary>
/// Decrypt the server password and client password, if the values match return true.
/// </summary>
public bool CheckPassAuth(ICipher cipher)
{
// Check if the password has been already encrypted
if (Encrypted)
{
// Gets the stored encrypted password
string szPassword = String.Empty;
this._data.LoadString(out szPassword, ZfAccounts.Name, 16);
// Decrypt it and compare
Byte[] encrypted = Encoding.ASCII.GetBytes(szPassword);
szPassword = Encoding.ASCII.GetString(cipher.Decrypt(encrypted, encrypted.Length));
return this.Password == szPassword;
}
else// if not, encrypt it!
{
// Gets the stored password
string szPassword = String.Empty;
this._data.LoadString(out szPassword, ZfAccounts.Password, 16);
// Encrypt and Save the data, but does not change on our main string check
Byte[] encrypted = Encoding.ASCII.GetBytes(szPassword);
this._data.SetString(ZfAccounts.Password, cipher.Encrypt(encrypted, encrypted.Length).ToString());
this._data.SetInt(ZfAccounts.Seal, 1);
this._data.Update();
// Compare booth passwords
return this.Password == szPassword;
}
}
/// <summary>
/// Update the account information on database, will mostly be used after login.
/// </summary>
public bool Update()
{
if (this.Identity == 0)
return false;// No client to update!
this._data.SetDword(ZfAccounts.LastLogin, DateTime.Now.Ticks);
return this._data.Update();
}
}
}
To set the configurations just set the global variables:
Be aware: If you make any, i mean ANYTHING wrong with your SQL command syntax, the source will just close, this is a problem for you to solve . So make sure that your SQL commands are allways right.
I guess that's all!
P.S: The LibMySQL.DLL must be at the folder with the .exe, otherwise you'll get errors.
Nice sql injection examples (I really hope you're not using this in production because if anyone with just a tiny bit of sql injection knowledge knows what to do then they could possibly compromise your whole database.)
Also another side note is that you do not encrypt passwords in a database, in fact that has little to no effect. You hash passwords because it's not possible to reverse (in general speaking, there are of course md5 databases etc. - but you can usually get around those too with seeds etc.)
Nice sql injection examples (I really hope you're not using this in production because if anyone with just a tiny bit of sql injection knowledge knows what to do then they could possibly compromise your whole database.)
Also another side note is that you do not encrypt passwords in a database, in fact that has little to no effect. You hash passwords because it's not possible to reverse (in general speaking, there are of course md5 databases etc. - but you can usually get around those too with seeds etc.)
Ah yes, this is an old code, just took it as sample, ignore the password thing...
Also, i've never had a problem with the MySQL injection, works fine and pretty "secure", with many changes made in this old code, of course...
Honestly, there are plenty of other libraries that are secure using parameterization that gets sanitized. I applaud your effort, but this library shouldn't be used in any production scenario. I agree with the rest of the group here.
Mysql funktioniert nicht.. service mysql status mysql does not exist in /etc/rc.d 07/09/2015 - Metin2 Private Server - 8 Replies Hey,
mein Mysql Server funktíoniert von jetzt auf gleich nicht mehr..
Kam aus dem Freibad und alles war down..
Wenn ich den Mysql Server starten will sagt er mir:
" service mysql status
mysql does not exist in /etc/rc.d or the local startup
directories (/usr/local/etc/rc.d) "
Und wenn ich meinen Metin Server starte "cant connect to 127.0.0.1" weil der Mysql Server down ist..
Problem With MySql's Connector 07/07/2014 - C/C++ - 1 Replies Hello Guys :) I've a problem with MySql's connector, i download mysql's connector ( MySQL :: Download Connector/C++ ) but there isn't mysql.h and libmysql can you help me? Thanks All
Lib.epk/eix statt /lib Verzeichniss??? 04/26/2014 - Metin2 Private Server - 2 Replies Hallo, meine Frage ist wie man es schafft in der "Binary" einzustellen, das er den Inhalt des "lib" Ordners also die ganzen "pyc" Scripts beispielsweiße aus den "root" epk,eix liest oder halt aus lib.epk /eix. Wäre so etwas möglich?
MfG Tom Jessel
MySQL C++ connector Dokumentation 12/03/2013 - C/C++ - 4 Replies Hi,
weiß jemand ob es zu der oben genannten Library eine Dokumentation existiert? Ich habe bereits die komplette MySQL Seite abgesucht, außer ein paar Codeschnipsel finde ich einfach nichts dazu.
Für ein Projekt benötige ich einige stabile Datenbankverbindungen (Connectionpool) zu einer MySQL Datenbank.
Die Datenbank wird dauernd abgefragt sowie geupdatet.
Evtl. kann mir auch jemand eine Alternative anbieten.
MySQL connector i cant install 02/27/2010 - SRO Private Server - 0 Replies When i try install mysql connector net i cant beouse when install finish i have error
ended prematurely becouse of an error Your system has not been modified To install this program at a later time run setup wizard again
and i must click only finish -.- sry but im no write in csremu thread becouse to big spam
im try install older version mysql connector but that same i cant install
who can help me ?
![[Release] Simple MySQL Lib Connector for C#](https://www.elitepvpers.com/forum/iconimages/co2-pserver-guides-releases/release-simple-mysql-lib-connector-c_ltr.gif){kind=small}
. So make sure that your SQL commands are allways right.
