mirror of
https://github.com/etlegacy/wolfadmin.git
synced 2024-11-24 21:21:56 +00:00
Sanitizing client input (refs #67)
This commit is contained in:
parent
56d822b417
commit
68688385a0
19 changed files with 21 additions and 21 deletions
|
@ -30,7 +30,7 @@ function commandBan(clientId, command, victim, ...)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dban usage: "..commands.getadmin("ban")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -29,7 +29,7 @@ function commandFinger(clientId, command, victim)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dfinger usage: "..commands.getadmin("finger")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -28,7 +28,7 @@ function commandGib(clientId, command, victim)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dgib usage: "..commands.getadmin("gib")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -29,7 +29,7 @@ function commandKick(clientId, command, victim, ...)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dkick usage: "..commands.getadmin("kick")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -36,7 +36,7 @@ function commandListAliases(clientId, command, victim, offset)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dlistaliases usage: "..commands.getadmin("listaliases")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -68,7 +68,7 @@ function commandListLevels(clientId, command, victim, offset)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dlistlevels: ^9level history is disabled.\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -33,7 +33,7 @@ function commandMute(clientId, command, victim, ...)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dmute usage: "..commands.getadmin("mute")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -28,7 +28,7 @@ function commandPlayerLock(clientId, command, victim)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dplock usage: "..commands.getadmin("plock")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -28,7 +28,7 @@ function commandPlayerUnlock(clientId, command, victim)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dpunlock usage: "..commands.getadmin("punlock")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -30,7 +30,7 @@ function commandPlayerLock(clientId, command, victim, team)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dput usage: "..commands.getadmin("put")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -28,7 +28,7 @@ local settings = require (wolfa_getLuaPath()..".util.settings")
|
|||
function commandSetLevel(clientId, command, victim, level)
|
||||
if not victim or not level then
|
||||
return false
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
@ -59,7 +59,7 @@ function commandSetLevel(clientId, command, victim, level)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dsetlevel usage: "..commands.getadmin("setlevel")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -36,7 +36,7 @@ function commandListHistory(clientId, command, victim, offset)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dshowhistory usage: "..commands.getadmin("showwarns")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -28,7 +28,7 @@ function commandSlap(clientId, command, victim)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dslap usage: "..commands.getadmin("slap")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -26,7 +26,7 @@ function commandShowStats(clientId, command, victim)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dstats usage: "..commands.getadmin("stats")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -30,7 +30,7 @@ function commandUnmute(clientId, command, victim)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dunmute usage: "..commands.getadmin("unmute")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -31,7 +31,7 @@ function commandVoiceMute(clientId, command, victim, ...)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dvmute usage: "..commands.getadmin("vmute")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -26,7 +26,7 @@ function commandVoiceUnmute(clientId, command, victim)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dvunmute usage: "..commands.getadmin("vunmute")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -32,7 +32,7 @@ function commandWarn(clientId, command, victim, ...)
|
|||
return false
|
||||
elseif not victim or not ... then
|
||||
return false
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
@ -55,7 +55,7 @@ function commandWarn(clientId, command, victim, ...)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dwarn usage: "..commands.getadmin("warn")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
elseif tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
|
@ -128,7 +128,7 @@ function commands.log(clientId, command, victim, ...)
|
|||
if victim then
|
||||
local cmdClient
|
||||
|
||||
if tonumber(victim) == nil or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
if tonumber(victim) == nil or tonumber(victim) < 0 or tonumber(victim) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(victim)
|
||||
else
|
||||
cmdClient = tonumber(victim)
|
||||
|
|
Loading…
Reference in a new issue