Search Unity

PHP - Error

Discussion in 'Scripting' started by VREntertainment, May 1, 2019.

  1. VREntertainment

    VREntertainment

    Joined:
    Aug 22, 2015
    Posts:
    15
    Hi, I have error in Unity Console but only " User login failed. Error # " (without number). Could anyone help mi wtih it?

    I think something is wrong at the end..

    Code (CSharp):
    1. <?php
    2.  
    3.  
    4. $con =  mysqli_connect('XXX', 'XXXr', 'XXX', 'XXX');
    5.  
    6. /// check that connection happens
    7.  
    8. if (mysqli_connect_errno())
    9. {
    10.  
    11.     echo "1: connection failed"; // error code #1 = connection failes
    12.     exit();
    13. }
    14.  
    15. $username = mysqli_real_escape_string($con,$_POST["name"]);
    16. $usernameclean = filter_var($username, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH);
    17. $password = $_POST["password"];
    18.  
    19. // check if name exists
    20. $namecheckquery = "SELECT username, salt, hash, score, gold, D1H FROM players WHERE username = '" . $usernameclean . "';";
    21.  
    22. $namecheck = mysqli_query ($con, $namecheckquery) or die ("2: Name check query failed"); // Error code #2 - name check query failed
    23.  
    24. if (mysqli_num_rows($namecheck) != 1)
    25. {
    26.  
    27.  
    28.     echo "5: Either no user with name, or more than one"; //error code #5 - number of names watching !=1
    29.     exit();
    30. }
    31.  
    32. // get login info from query
    33.  
    34. $existinglogininfo = mysqli_fetch_assoc($namecheck);
    35. $salt = $existinglogininfo["salt"];
    36. $hash = $existinglogininfo["hash"];
    37.  
    38. $loginhash = crypt($password, $salt);
    39.  
    40. if ($hash !=$loginhash)
    41. {
    42.  
    43.     echo "6: Inccorect password" ; // Error code #6 - password does not hash to match table
    44.     exit();
    45. }
    46.  
    47. echo "\t" . $existinglogininfo["score"];
    48. echo "\t" . $existinglogininfo["gold"];
    49. echo "\t". $existinglogininfo["D1H"];
    50.  
    51.  
    52. ?>
    53.  
    54.  
    55.  
     
    VREntertainment, May 1, 2019
    #1

  2. OmarDajani

    OmarDajani

    Joined:
    Aug 17, 2016
    Posts:
    49
    On line 20 you have an extra semicolon. Also, I would recommend using prepared statements instead of what you are doing now. Finally, I would place the credentials to your database in a configuration file as opposed to having them written in inline the source code (this would help protect the credentials incase something goes wrong and the plain PHP code is printed out.
     
    OmarDajani, May 1, 2019
    #2