Hey there,
after the latest FiveM update it seems like calling < iframe > website through a script no longer saves the session ID with the issue of trying to access a data terminal (website) through the game not working anymore.
This issue first popped up only on canary around 4-5 days ago and then completely after 2 days.
This is surely some recent update that occured to the client itself as it was happening only in canary first and then to the main release also.
This issue does pop up in all 10 peeps who are using this terminal (Just note that every single one of them are hosting this by themselves, so it would be impossible for all of them to actually change code and break for everyone )
Lastly, it does work if you hop into it from a normal browser such as chrome, firefox but not from in-game (gets stuck in the login as session is not being saved or something)
Here’s the code in PHP for the login, maybe this can give you a better idea:
Click me
<!doctype html>
<html lang="en">
<head>
<!--Metas for page.-->
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="description" content="">
<meta name="author" content="">
<!--The links for css, icons and fonts.-->
<link rel="icon" href="files/img/lspd.png">
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
<link href="https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,400;0,600;0,900;1,100;1,400;1,600;1,900&display=swap" rel="stylesheet">
<link href="files/css/main.css" rel="stylesheet">
<link href="files/css/extras.css" rel="stylesheet">
<!--JavaScript.-->
<script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js" integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1" crossorigin="anonymous"></script>
<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>
<script src="files/js/main.js"></script>
<!--Title of page.-->
<title>Data Terminal - Login</title>
</head>
<body>
<nav class="navbar fixed-top navbar-expand-lg navbar-custom bg-custom">
<div class="collapse navbar-collapse" id="navbarsExampleDefault">
<!-- Left menu -->
<ul class="navbar-nav mr-auto">
<li class="nav-item">
<a class="nav-label" href="#">
<img src="files/img/lspd.png" width="75" height="24" alt="LSPD IMAGE">
<span class="title">Session ID: #<?php
function generateRandomString($length = 5) { //Simple function that takes a random string for the Session ID.
$characters = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
return $randomString;
};
echo generateRandomString();
?>
</span>
</a>
</li>
</ul>
</div>
</nav>
<main role="main" class="container">
<div class="login-container">
<div class="login-content">
<h4><strong>LSPD Data Terminal</strong></h4><br>
<?php if (isset($_GET['wrongcredentials'])) { ?>
<p><strong>Credentials do not meet our records</strong></p> <!--Shows up an error if the page is set to wrongcredentials-->
<?php }?>
<form method="post">
<div class="input-group mb-3">
<input type="text" name="username" class="form-contrl lgin-user" value="" placeholder="Username / Email">
</div>
<div class="input-group mb-2">
<input type="password" name="password" class="form-contrl lgin-pass" value="" autocomplete="new-password" placeholder="Password">
</div>
<div class="form-group">
<button type="submit" name="login" class="btn btn-primary btn-login submit-btn">Log in</button>
</div>
</form>
</div>
</div>
</main>
</body>
</html>
<?php // This php code is used for the main login screen,
require "database.php"; // Requires first the database connection
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (trim($_POST['username']) == NULL)
{
Header("Location:login?wrongcredentials");//Wrong Crendentials
}
if (trim($_POST['password']) == NULL)
{
Header("Location:login?wrongcredentials"); //Wrong Crendentials
}
$query = $con->query(
"SELECT * FROM accounts WHERE username = '".$con->real_escape_string($_POST['username'])."'" //Query to fetch accounts
);
if ($query->num_rows == 1)
{
$row = $query->fetch_assoc();
if (password_verify($_POST['password'],$row['password']))
{
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $_POST['username'];
$_SESSION['role'] = $row['role'];
$_SESSION['name'] = $row['name'];
$_SESSION['rank'] = $row['rank'];
$_SESSION['id'] = $row['id'];
$_SESSION["personid"] = NULL;
$_SESSION["reportid"] = NULL;
$con->query(
"UPDATE accounts SET seen = '".date('Y-m-d')."' WHERE id = '".$row['id']."'" //Updates the last time seen.
);
if ($_SERVER['HTTP_REFFER'] != "") {
header("Location: home"); //Referrer method goes here.
} else {
Header("Location: home"); //Logs you in.
}
} else
{
Header("Location: login?wrongcredentials"); //Wrong Credentials
}
} else
{
Header("Location: login?wrongcredentials"); //Wrong Credentials
}
}
?>
Thanks for reading,
i am more than happy to help by providing more info but can’t think of anything that would be helpful at the moment rather than just the $_SESSION code as there is where it does the trick.
Best Regards,
Cisoko