Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Work in Progress / Login Authentication Library - Version 1.0 (Beta)

Author
Message
Mugen Wizardry
User Banned
Posted: 20th Aug 2011 22:05 Edited at: 7th Sep 2011 23:25
Link
EDIT: THREAD DELETED AND GONE!

CHECK OUT MY WEBSITE AT http://imageposeidon.com/ !
Back to top
Profile
Mugen Wizardry
User Banned
Posted: 20th Aug 2011 23:36 Edited at: 7th Sep 2011 23:23
Link
DUE TO NO ONE LIKING THIS, I AM REMOVING IT!

CHECK OUT MY WEBSITE AT http://imageposeidon.com/ !
Back to top
Profile
Mugen Wizardry
User Banned
Posted: 21st Aug 2011 17:27
Link
Does ANYONE like this? Or should I remove it?

It is a VERY useful piece of technology. You can manipulate ANY type of MySQL command you want.

CHECK OUT MY WEBSITE AT http://imageposeidon.com/ !
Back to top
Profile
Bluespark
13
Years of Service
User Offline
Joined: 18th Mar 2011
Location:
Posted: 21st Aug 2011 20:12
Link
Hi MW,
I like this. I'm assuming that it could be used to save leaderboards online and such, correct?
This is very useful, just that I need to develop my game further.
Back to top
Profile PM
Mugen Wizardry
User Banned
Posted: 21st Aug 2011 22:58
Link
Yes. It can be used to manipulate ANY MySQL command or commands. It can save MORE than JUST Leaderboards

CHECK OUT MY WEBSITE AT http://imageposeidon.com/ !
Back to top
Profile
Mugen Wizardry
User Banned
Posted: 22nd Aug 2011 21:42
Link
Has anyone else tried it?

CHECK OUT MY WEBSITE AT http://imageposeidon.com/ !
Back to top
Profile
Gunslinger
16
Years of Service
User Offline
Joined: 29th May 2007
Location:
Posted: 26th Aug 2011 05:52 Edited at: 26th Aug 2011 05:54
Link
Well, client -> online database isn't good at all.
Login Data could be fished and so someone could access the database.
Database Connection should be made with a server, allways.

But good idea.

Edit: I think thats the reason why you removed your webside example?
Back to top
Profile PM
Cyborg ART
17
Years of Service
User Offline
Joined: 14th Jan 2007
Location: Sweden - Sthlm
Posted: 26th Aug 2011 16:49
Link
Perfect! Just what I was looking for! will give it a try.

Back to top
Profile PM Email Website
Mugen Wizardry
User Banned
Posted: 26th Aug 2011 17:58
Link
No it is not. And no, it CANNOT be phished. I encrypt the password data as it travels through the internet with MD5

CHECK OUT MY WEBSITE AT http://imageposeidon.com/ !
Back to top
Profile
Gunslinger
16
Years of Service
User Offline
Joined: 29th May 2007
Location:
Posted: 26th Aug 2011 18:26
Link
Yes, i dont mean the user password.
If your cleint connects directly with the database, like
HOST: 123.132.123.133
Port: 8885
User: SSSsss
Database Password: uifsdfjk
Database: test_db

that data is not encryption in the client, is it?

That Connection Info is easy to phish, get a packet logger and you have all data in plaintext. (Again: I'm not talking about the User Password)

If someone got the info, he could easy connect to the database with a sql manager and edit the database.

But again: If you use this in a server - its totally okay and very good but: In a client, a direct database connection isnt secure.
Back to top
Profile PM
Mugen Wizardry
User Banned
Posted: 26th Aug 2011 18:29
Link
it IS secure. It secures the MD5 in my database as well.

Also, the EXE is Super encrypted by a program I used, so even if u did manage to find the line that allows u to login, u cant phish it, as I had it encrypted.

CHECK OUT MY WEBSITE AT http://imageposeidon.com/ !
Back to top
Profile
Mugen Wizardry
User Banned
Posted: 26th Aug 2011 18:34
Link
Besides, Phishing is illegal

CHECK OUT MY WEBSITE AT http://imageposeidon.com/ !
Back to top
Profile
KISTech
16
Years of Service
User Offline
Joined: 8th Feb 2008
Location: Aloha, Oregon
Posted: 26th Aug 2011 18:49
Link
Quote: "Besides, Phishing is illegal"


..and yet it's done every day. Putting a live SQL server of any type on the internet is just asking to get hacked. My system gets port scanned by hackers all the time, and if they found an open SQL server port they would have a field day.

Database connections should only happen on the local machine. Typically that's a server app connecting to the local database to validate the client/player through the app's own secure login methods.

Back to top
Profile PM Email Website
Mugen Wizardry
User Banned
Posted: 26th Aug 2011 18:51
Link
that's what this does -.-

I encrypted the EXE, and the data travelling through and back to it.

CHECK OUT MY WEBSITE AT http://imageposeidon.com/ !
Back to top
Profile
Gunslinger
16
Years of Service
User Offline
Joined: 29th May 2007
Location:
Posted: 26th Aug 2011 19:00 Edited at: 26th Aug 2011 19:03
Link
No, you did:
Accessing the Database on your Webserver from your computer

That is bad.

Accessing the Database on your Webserver from an application on your webserver.

That is good, because there's no direkt access from the internet to the database.

But thats not a point of your project, more a thing of your example.
With your project its possible to create a local server thats connecting to a local database. Thats good!
But User should not connect with the client directly to the database.
Like

Client -> [connect] -> Database <--- wrong
it should be
Client -> [connect] -> Server -> [connect] -> Database (without connection with the internet / "outside") <--- good.

Would be Better if you create an additional example with client & server, and the server is connected to the database.

And no, not everything is encrypted. Connection data is plain data and easy to read out.
Saying 'yes, but its illegal!' to secury bugs... come on, nobody cares if its illegal or not. Its a massiv security hole.


-----

If you dont want to understand that this is not secure - okay, your thing. Its just my opinion that your example (I repeat: your example, not your project!) is not secure.
Back to top
Profile PM
Mugen Wizardry
User Banned
Posted: 26th Aug 2011 19:04
Link
It is up to the user what happens. I can't be held responsible for THEIR screw ups.

CHECK OUT MY WEBSITE AT http://imageposeidon.com/ !
Back to top
Profile
Gunslinger
16
Years of Service
User Offline
Joined: 29th May 2007
Location:
Posted: 26th Aug 2011 19:10 Edited at: 26th Aug 2011 19:10
Link
Yes, it's the thing of the user. Thats right.
Just wanted to tell you, because the example connected on your website database. And thats your Database that could be screwed up.

By the way, you know why it's not starting for me?
Before i have installed the connecter, when i've started it, it said "No Connector something".
Installed the ODCB Connector, now the .exe is not starting anymore.

Got an Idea?

Win7 64bit
Back to top
Profile PM
Mugen Wizardry
User Banned
Posted: 26th Aug 2011 19:20 Edited at: 26th Aug 2011 19:21
Link
Quote: "Hey guys, sorry, forgot to mention a few things.

To download the NO .NET needed SQL plugin, go here:

http://forum.thegamecreators.com/?m=forum_view&t=184486&b=18

You will ALSO need to download the simple message box plugin (Credit: Twisted Steel Software)

You can download THAT at: http://forum.thegamecreators.com/?m=forum_view&t=127624&b=1

You will ALSO need BBB GUI (credit: Brendy Boy)

Found here:

http://forum.thegamecreators.com/?m=forum_view&t=162825&b=8

If you do NOT have the ODBC DLL file, needed to connect using MySQL, you can download it from the uploaded attachment! I have already scanned it for viruses, there are none at all. If you want to scan it more, feel free!

You will then need to put it inside of a folder in your Program Files OR Program Files (X86) folder, depending on your version of Windows.

In my case, it's C:\Program Files (x86)\MySQL\Connector ODBC 3.51\

Because I have Windows 7 - 64 Bit.

In the case of Vista and under, use C:\Program Files\MySQL\Connector ODBC 3.51

If you do NOT have the folder in your program files called MySQL (Yes, spell it the EXACT way I did. Grammar and all)., Then make that folder there. And then INSIDE of the MySQL folder, create a folder named "Connector ODBC 3.51". (Again, spell it the EXACT same way I did). THEN you need to put myodbc3.dll inside the Connector ODBC 3.51 folder AFTER extracting it."


Quote: "If you do NOT have the ODBC DLL file, needed to connect using MySQL, you can download it from the uploaded attachment! I have already scanned it for viruses, there are none at all. If you want to scan it more, feel free!"


It's attached to the second post

Second post in this thread

CHECK OUT MY WEBSITE AT http://imageposeidon.com/ !
Back to top
Profile
Mugen Wizardry
User Banned
Posted: 6th Sep 2011 20:26
Link
Just wondering, has this actually helped anybody, or am I wasting my time giving you guys free code?

CHECK OUT MY WEBSITE AT http://imageposeidon.com/ !
Back to top
Profile
Mugen Wizardry
User Banned
Posted: 7th Sep 2011 16:35 Edited at: 7th Sep 2011 23:25
Link
EDIT: THREAD DELETED!

CHECK OUT MY WEBSITE AT http://imageposeidon.com/ !
Back to top
Profile
Back to top

Login to post a reply

Server time is: 2024-04-20 12:02:59
Your offset time is: 2024-04-20 12:02:59