[shadowdragon]

Hey all what are the common problems for data leaking into other players stats for example my plugin im making that stores points will some times give the next player that joins the same points loaded for the first player. Iv rewriten my mysql part of my plugin 3 times now all using different ways to save/load data but it still leaks data. is there a reason for this and can someone explain how i can fix it.

PHP Code:

public DataLoad(client)
{
    decl String:query[400], String:auth[400];
    GetClientAuthId(client, AuthId_Steam3,auth, sizeof(auth));
    FormatEx(query, sizeof(query), "SELECT * FROM XXXx WHERE steamid = '%s'", auth);
    SQL_TQuery(hDatabase, Store_Load_Data, query, client);
}
public DataSave(client)
{
    if (!IsClientInGame(client))
        return;
    
    decl String:query[400], String:auth[400], String:name[200];
    GetClientName(client, name, sizeof(name));
    GetClientAuthId(client, AuthId_Steam3,auth, sizeof(auth));
    FormatEx(query, sizeof(query), "UPDATE XXXx SET Credits = %d, Name = '%s', Trails = %d, Tags = %d, Tier = %d WHERE steamid = '%s'", Credits[client],name,Trails[client],Tags[client], Tier[client], auth);
    SQL_TQuery(hDatabase, T_Save, query, client);
} 


[Miu]

code might help

[shadowdragon]

Woops i completely forgot ill add that now.

[Potato Uno]

It looks fine to me. I would use print statements in code when a client joins and disconnects, and trace your code's execution that way.

The only way I can possibly think that this code bugs out, assuming this is the only querying code that exists, is if GetClientAuthString is busted on SM's end and it returns the wrong steam ID somehow. (I vaguely remember this being an actual bug... though I'm not entirely sure.)

[shadowdragon]

Ok thanks.

[psychonic]

Quote:

Originally Posted by Potato Uno The only way I can possibly think that this code bugs out, assuming this is the only querying code that exists, is if GetClientAuthString is busted on SM's end and it returns the wrong steam ID somehow. (I vaguely remember this being an actual bug... though I'm not entirely sure.)

It's not an actual bug in SM, but rather a misuse of the API.

If a client's Steam ID isn't validated yet, and calling GetClientAuthId with validate=true, and the client's ID isn't validated by Steam yet, and not checking for GetClientAuthId returning false (failure), and using decl instead of new (or the transitional syntax), you can have another client's Steam ID (or just garbage) in the buffer, since decl doesn't initialize it to anything.

TL;DR, don't use decl, and check the return of GetClientAuthId (or pass "false" for validate, but ONLY if you know what you're doing and it's safe to do so in your case).

[shadowdragon]

Could you please give me an example on how to validate a steamid? or do i just set GetClientAuthId end argument to true?

[DarkDeviL]

Quote:

Originally Posted by shadowdragon Could you please give me an example on how to validate a steamid? or do i just set GetClientAuthId end argument to true?

PHP Code:

if (GetClientAuthId(client, AuthId_Steam3,auth, sizeof(auth))) {
  /* Do whatever you want with client's data here... */
} 


[shadowdragon]

Thanks for that. I have tryed it and allowed up to 30-40 people to use the store database how ever out of the 40 5-10 seem to have duplicated data i dont know why its still leaking data from others.