[EO - Event System 3.0] MySQL Login System

DANGER!!! IT CHANGES YOUR SERVER LOGIN SYSTEM!!! DO IT ON YOUR OWN RISK!!!

Please use only the myBB for this version. Please be carefully and make a secure copy of your project before you do anything!!!

The Clientregistration doesn’t work so far…

How do add a MySQL Login into EO 3.0 is very strange but possible. I must tell you a little bit before you start to fast.  First you must know that the current version only works with myBB. That is the same Software which Robin with CC use. This forumsoftware has a normal encoding of passwords. After some tests i got it and find a way to do this with VB6. Its a strange MD5 and SALT combination. So you need to use this Forum-Software. Later i try other Boards.

Video:
http://www.youtube.com/watch?v=PB227iBPLYg

So what do you need?
1. myBB
2. A server where you can install it
3. With that a MySQL Database
4. The “MyVbQL.dll” & “libmysql.dll” in the same folder where the “Server.exe” is
5. A reference in your Serverproject to the “MyVbQL.dll”
6. My “modSQL.bas”
6. The “clsMD5.cls”

What you must change:

Server:
modContants

Below:

Public Const EFFECT_TYPE_TINT As Long = 6
```Add:

Public MD5 As clsMD5


* * *

*   Include the modSQL.bas to your project.
*   Include the clsMD5.cls to you project.
*   Add a reference to the "MyVbQL.dll". You find this under the menu (Project->References).

* * *

modHandleData

Replace:

If Not AccountExist(Name) Then
                Call AlertMsg(index, “That account name does not exist.”)
                Exit Sub
            End If

If Not PasswordOK(Name, Password) Then
                Call AlertMsg(index, “Incorrect password.”)
                Exit Sub
            End If

If IsMultiAccounts(Name) Then
                Call AlertMsg(index, “Multiple account logins is not authorized.”)
                Exit Sub
            End If

If sqlLoginUser(name, password) = 0 Then
                Call AlertMsg(index, “Nickname or Password incorrect!”)
                Exit Sub
            Else
                Call sqlAddNewChar(index, name, password)
                'Call AlertMsg(index, “Login successfully!”)
            End If

If Not AccountExist(name) Then
                'Call AlertMsg(index, “That account name does not exist.”)
                'Exit Sub
            End If

If Not PasswordOK(name, password) Then
                'Call AlertMsg(index, “Incorrect password.”)
                'Exit Sub
            End If

If IsMultiAccounts(name) Then
                'Call AlertMsg(index, “Multiple account logins is not authorized.”)
                'Exit Sub
            End If


* * *

Change:

Public Const sqlServer As String = “test.com
Public Const sqlUsername As String = “123456”
Public Const sqlPassword As String = “123456789”
Public Const sqlDBName As String = “123458”
Public Const sqlTable As String = “mybb_users”

To your Login informations. Only look at the sqlTable. This is the field for the myBB Version.

* * *

*   The username-field must have the name "username"
*   The password-field must have the name "password"
*   The salt-field must have the name "salt"

**Please use only the myBB for this version. Please be carefully and make a secure copy of your project before you do anything!!!**

AMAZING!!
However 1 questions. Lets say I already registered on my site, and I now implement this system. What do I do?

Wait, if you add this directly to the server, wouldn’t the queries practically halt the entire thing?

Still, very nice, I could try and make an authentication server with this. =D

At me nothing stops! The sql works instant and stops nothing… But pls try and report bugs if possible… 🙂

What happens if i have people already registered on the site, and then I implement this system?

They can login 🙂

Really Wow!

Yes because if the account on the GameServer doesnt exists he create one after the login.

Sub sqlAddNewChar doeasnt exist

This displays when i try to login from client

And this highlights when i press debug

Did you do “5. A reference in your Serverproject to the “MyVbQL.dll””

@GodWar:

Did you do “5. A reference in your Serverproject to the “MyVbQL.dll””

Yes

sqlGetSalt only got calles when user login! So when you got the error before there is something missing. But you only need the 2 DLLs IN your \server\ folder and the refernece to the MyVbQL.dll which activate the “MySQL Visual Basic API v2.0.0”

How do you add a reference?

@GodWar:

sqlGetSalt only got calles when user login! So when you got the error before there is something missing. But you only need the 2 DLLs IN your \server\ folder and the refernece to the MyVbQL.dll which activate the “MySQL Visual Basic API v2.0.0”

I added reference correctly and i have both dlls in server folder.

And i dont know if i added this step correctly:

Replace:

            If Not AccountExist(Name) Then
                Call AlertMsg(index, "That account name does not exist.")
                Exit Sub
            End If

            If Not PasswordOK(Name, Password) Then
                Call AlertMsg(index, "Incorrect password.")
                Exit Sub
            End If

            If IsMultiAccounts(Name) Then
                Call AlertMsg(index, "Multiple account logins is not authorized.")
                Exit Sub
            End If
```With:

If sqlLoginUser(name, password) = 0 Then
                Call AlertMsg(index, “Nickname or Password incorrect!”)
                Exit Sub
            Else
                Call sqlAddNewChar(index, name, password)
                'Call AlertMsg(index, “Login successfully!”)
            End If

If Not AccountExist(name) Then
                'Call AlertMsg(index, “That account name does not exist.”)
                'Exit Sub
            End If

If Not PasswordOK(name, password) Then
                'Call AlertMsg(index, “Incorrect password.”)
                'Exit Sub
            End If

If IsMultiAccounts(name) Then
                'Call AlertMsg(index, “Multiple account logins is not authorized.”)
                'Exit Sub
            End If

I added it to HandleLogin. And i commented this:

Call sqlAddNewChar(Index, Name, password)

Becouse  you dont added that sub to tutorial and uncommented this:

Call AlertMsg(Index, “Login successfully!”)

Warning - while you were typing a new reply has been posted. You may wish to review your post.

I tried this in a blank EO, and the login doesn’t appear to work. From what I can work out, it’s attempting to use the normal password, and comparing that against the salted password, and as a result, will always return false. I had little idea, but I did change something around, and got it to work (can’t remember what, I didn’t save my changes. Was just playing around)…if I’m honest, this is one of the few times I’ve played around with SQL.

GodWar, when you wrote this, did you try it in a base EO yourself? As an example, the sub sqlAddNewChar doesn’t exist, instead it’s sqlAddUser. I still think this needs a bit more testing before it can be used.

Although, you were right about it being weirdly instant, seriously, it logged in exactly the same time as normal for me. xD

Hmmm!

First: I don’t try it with the EO 2.0! Because i do this for EO 3.0 🙂
Second: You know that this only work with the myBB i post!? Because this forum use the easyest salt i found. Other Boards use antother salt method.
Third: The sqlAddUser is not finished yet because i delete it because the user MUST register in the forum! Same with sqlDelUser

@GodWar:

Hmmm!

First: I don’t try it with the EO 2.0! Because i do this for EO 3.0 🙂
Second: You know that this only work with the myBB i post!? Because this forum use the easyest salt i found. Other Boards use antother salt method.
Third: The sqlAddUser is not finished yet because i delete it because the user MUST register in the forum! Same with sqlDelUser

  1. The registration systems haven’t changed. It’d work exactly the same. My point is, have you actually tested this outside of your source, and followed the tutorial in a clean source, to make sure it’s actually functional?

  2. Yes, I was testing on myBB. It still didn’t unsalt the passwords, as said.

  3. I was registering in the forum, I was just mentioning that you used it in the tutorial, when it didn’t actually work, which leads me to believe that this wasn’t really tried.

I have a actual working SQL auth server for mybb and I can tell you that anyone who uses this and does not edit the tables correctly with mybb expect lots of people logging on your admin accounts and changing the passwords.

Edit:

Downloaded it and started messing around, im currently fixing the MD5 to get the correct encryption to match up with a smf password encryption.

Log in to reply