mirror of
https://github.com/etlegacy/wolfadmin.git
synced 2024-11-28 23:12:47 +00:00
Sanitize command input (fixes #67)
This commit is contained in:
parent
449e6c856f
commit
7dce37972b
10 changed files with 10 additions and 10 deletions
|
@ -30,7 +30,7 @@ function commandBan(clientId, cmdArguments)
|
||||||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dban usage: "..commands.getadmin("ban")["syntax"].."\";")
|
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dban usage: "..commands.getadmin("ban")["syntax"].."\";")
|
||||||
|
|
||||||
return true
|
return true
|
||||||
elseif tonumber(cmdArguments[1]) == nil then
|
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||||
else
|
else
|
||||||
cmdClient = tonumber(cmdArguments[1])
|
cmdClient = tonumber(cmdArguments[1])
|
||||||
|
|
|
@ -29,7 +29,7 @@ function commandFinger(clientId, cmdArguments)
|
||||||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dfinger usage: "..commands.getadmin("finger")["syntax"].."\";")
|
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dfinger usage: "..commands.getadmin("finger")["syntax"].."\";")
|
||||||
|
|
||||||
return true
|
return true
|
||||||
elseif tonumber(cmdArguments[1]) == nil then
|
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||||
else
|
else
|
||||||
cmdClient = tonumber(cmdArguments[1])
|
cmdClient = tonumber(cmdArguments[1])
|
||||||
|
|
|
@ -28,7 +28,7 @@ function commandGib(clientId, cmdArguments)
|
||||||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dgib usage: "..commands.getadmin("gib")["syntax"].."\";")
|
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dgib usage: "..commands.getadmin("gib")["syntax"].."\";")
|
||||||
|
|
||||||
return true
|
return true
|
||||||
elseif tonumber(cmdArguments[1]) == nil then
|
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||||
else
|
else
|
||||||
cmdClient = tonumber(cmdArguments[1])
|
cmdClient = tonumber(cmdArguments[1])
|
||||||
|
|
|
@ -29,7 +29,7 @@ function commandKick(clientId, cmdArguments)
|
||||||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dkick usage: "..commands.getadmin("kick")["syntax"].."\";")
|
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dkick usage: "..commands.getadmin("kick")["syntax"].."\";")
|
||||||
|
|
||||||
return true
|
return true
|
||||||
elseif tonumber(cmdArguments[1]) == nil then
|
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||||
else
|
else
|
||||||
cmdClient = tonumber(cmdArguments[1])
|
cmdClient = tonumber(cmdArguments[1])
|
||||||
|
|
|
@ -33,7 +33,7 @@ function commandMute(clientId, cmdArguments)
|
||||||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dmute usage: "..commands.getadmin("mute")["syntax"].."\";")
|
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dmute usage: "..commands.getadmin("mute")["syntax"].."\";")
|
||||||
|
|
||||||
return true
|
return true
|
||||||
elseif tonumber(cmdArguments[1]) == nil then
|
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||||
else
|
else
|
||||||
cmdClient = tonumber(cmdArguments[1])
|
cmdClient = tonumber(cmdArguments[1])
|
||||||
|
|
|
@ -26,7 +26,7 @@ function commandPlayerLock(clientId, cmdArguments)
|
||||||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dput usage: "..commands.getadmin("put")["syntax"].."\";")
|
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dput usage: "..commands.getadmin("put")["syntax"].."\";")
|
||||||
|
|
||||||
return true
|
return true
|
||||||
elseif tonumber(cmdArguments[1]) == nil then
|
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||||
else
|
else
|
||||||
cmdClient = tonumber(cmdArguments[1])
|
cmdClient = tonumber(cmdArguments[1])
|
||||||
|
|
|
@ -49,7 +49,7 @@ function commandSetLevel(clientId, cmdArguments)
|
||||||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dsetlevel usage: "..commands.getadmin("setlevel")["syntax"].."\";")
|
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dsetlevel usage: "..commands.getadmin("setlevel")["syntax"].."\";")
|
||||||
|
|
||||||
return true
|
return true
|
||||||
elseif tonumber(cmdArguments[1]) == nil then
|
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||||
else
|
else
|
||||||
cmdClient = tonumber(cmdArguments[1])
|
cmdClient = tonumber(cmdArguments[1])
|
||||||
|
|
|
@ -28,7 +28,7 @@ function commandSlap(clientId, cmdArguments)
|
||||||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dslap usage: "..commands.getadmin("slap")["syntax"].."\";")
|
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dslap usage: "..commands.getadmin("slap")["syntax"].."\";")
|
||||||
|
|
||||||
return true
|
return true
|
||||||
elseif tonumber(cmdArguments[1]) == nil then
|
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||||
else
|
else
|
||||||
cmdClient = tonumber(cmdArguments[1])
|
cmdClient = tonumber(cmdArguments[1])
|
||||||
|
|
|
@ -30,7 +30,7 @@ function commandUnmute(clientId, cmdArguments)
|
||||||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dunmute usage: "..commands.getadmin("unmute")["syntax"].."\";")
|
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dunmute usage: "..commands.getadmin("unmute")["syntax"].."\";")
|
||||||
|
|
||||||
return true
|
return true
|
||||||
elseif tonumber(cmdArguments[1]) == nil then
|
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||||
else
|
else
|
||||||
cmdClient = tonumber(cmdArguments[1])
|
cmdClient = tonumber(cmdArguments[1])
|
||||||
|
|
|
@ -56,7 +56,7 @@ function commandWarn(clientId, cmdArguments)
|
||||||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dwarn usage: "..commands.getadmin("warn")["syntax"].."\";")
|
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dwarn usage: "..commands.getadmin("warn")["syntax"].."\";")
|
||||||
|
|
||||||
return true
|
return true
|
||||||
elseif tonumber(cmdArguments[1]) == nil then
|
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||||
else
|
else
|
||||||
cmdClient = tonumber(cmdArguments[1])
|
cmdClient = tonumber(cmdArguments[1])
|
||||||
|
|
Loading…
Reference in a new issue