1) Correct user name, and password. Login is good!
2) Correct user name, wrong password. Denies login.
Problem arises when I have a WRONG username and or password. I am assuming that when I am querying for a user name and it doesn't find it, the result is null, but it seems that simply checking if the result of the query != null does not work in my case.
Here is my serverside extension:
Code: Select all
// a global variable
var dbase
/*
* Initializion point:
* this function is called as soon as the extension
* is loaded in the server.
* You can add here all the initialization code
*/
function init(){
trace("Initing dbExtension")
// get a reference to the database manager object
// This will let you interact with the database configured for this zone
dbase = _server.getDatabaseManager()
}
/*
* This method is called by the server when an extension
* is being removed / destroyed.
*
* Always make sure to release resources like setInterval(s)
* open files etc in this method.
*
* In this case we delete the reference to the databaseManager
*/
function destroy(){
// Release the reference to the dbase manager
delete dbase
}
/*
* Handle Client Requests
* cmd = a string with the client command to execute
* params = list of parameters expected from the client
* user = the User object representing the sender
* fromRoom = the id of the room where the request was generated
*/
function handleRequest(cmd, params, user, fromRoom){
}
/*
* This method handles internal events
* Internal events are dispactched by the Zone or Room where the extension is attached to
* the (evt) object
*/
function handleInternalEvent(evt){
// If there is a login request
if(evt.name == "loginRequest"){
trace("CUSTOM LOGIN EVENT RECIEVED");
// Store email and password from client
var nick = evt["nick"]
var pass = evt["pass"]
var chan = evt["chan"]
// Execute SQL query
var sql = dbase.executeQuery("SELECT password,email FROM user_accounts WHERE email='" + nick + "'");
var error = "";
// If the user name exists, check the password
if(sql != null){
trace("USER FOUND!");
var row = sql.get(0);
var dbEmail = row.getItem("email");
var dbPass = row.getItem("password");
trace("STORED DB PASSWORD IS: " + dbPass);
trace("USER PASSWORD IS: " + pass);
if(dbPass == pass){
trace("PASSWORDS MATCH!");
error = "";
}
else{
trace("PASSWORDS DO NOT MATCH!!!");
error = "Incorrect Password";
}
}
// If the user name does not exist
else{
trace("USER NOT FOUND!");
error = "Invalid User";
}
// Now that the validation part is done, lets try to log the user in
trace("BEFORE LOG IN, CHECKING FOR ERRORS ...");
var res = new Object();
if(error != ""){
trace("THERE WAS AN ERROR, CANNOT LOG IN");
res._cmd = "logKO";
}
else{
trace("NO ERRORS FOUND, CONTINUING LOG IN PROCESS");
var login = _server.loginUser(nick, pass, chan);
if(login.success){
trace("LOGIN SUCCESS!");
error = "";
res._cmd = "logOK";
}
else{
trace("UH OH, LOGIN ERROR :(");
error = login.error;
}
res.err = error;
}
// Send back the response of what happened
_server.sendResponse(res,-1,null,chan);
}
}
As I understand it, once I query the database, and a user is found, then Smartfox should fire this part:
trace("USER FOUND!");
But this should not be firing if I query the database, and the user is not found, right? I'm not sure whats going on.
How do you check if a record is null, other then
if(sql != null)
Because this doesn't seem to work. I believe that it is returning a record, but the record itself is null. How can I check all this? Any tips?
And yes, I have read the documentation, but nothing really covers what I am asking for. Any information will be much appreciated.