Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25295 Location: The netherlands
|
Posted: Thu Feb 16, 2017 2:41 pm Post subject: |
|
|
you might want to sanitize/escape the input variables first before using them in sql queries (lookup sql injection) , or use prepared statements/stored procedures/whatever
anyhow
1:
clientside:
URL="http://sie.com/file.php?username="..MyTrainer.edtUsername.Text.."&password="..MyTrainer.edtPassword.Text.."&is64bit="..tostring(cheatEngineIs64Bit()).."&mac="..getMAC()
server:
$mac=$_GET['mac']
2/3:
select mac from users where username='$username'
if mac is null then
update users set mac='$mac' where username='$username'
else
if mac != $mac then different mac
tip:
change
Code: |
"SELECT id FROM users WHERE username = '$username' and pass = '$password'"
|
to
Code: |
"SELECT * FROM users WHERE username = '$username' and pass = '$password'";
|
that way you have access to all the fields, and saves you some query time
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|