mirror of
https://github.com/etlegacy/wolfadmin.git
synced 2024-11-22 12:21:43 +00:00
Sanitizing some client input (fixes #67)
This commit is contained in:
Timo Smit
parent
6e4b5b97a7
commit
c0d2aa0e92
13 changed files with 26 additions and 26 deletions
|
|
@ -35,7 +35,7 @@ function commandRemoveWarn(clientId, cmdArguments)
|
|||
cmdClient = tonumber(cmdArguments[1])
|
||||
end
|
||||
|
||||
if cmdClient == -1 then
|
||||
if cmdClient == -1 or cmdClient > et.trap_Cvar_Get("sv_maxclients") then
|
||||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^ddewarn: ^9no or multiple matches for '^7"..cmdArguments[1].."^9'.\";")
|
||||
|
||||
return true
|
||||
|
|
@ -57,4 +57,4 @@ function commandRemoveWarn(clientId, cmdArguments)
|
|||
|
||||
return true
|
||||
end
|
||||
commands.addadmin("dewarn", commandRemoveWarn, "R", "remove a warning for a certain player", "^9[^3name|slot#^9] ^9[^3warn#^9]", function() return (settings.get("g_warnHistory") == 0 or not db.isconnected()) end)
|
||||
commands.addadmin("dewarn", commandRemoveWarn, "R", "remove a warning for a certain player", "^9[^3name|slot#^9] ^9[^3warn#^9]", function() return (settings.get("g_warnHistory") == 0 or not db.isconnected()) end)
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ function commandListAliases(clientId, cmdArguments)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dlistaliases usage: "..commands.getadmin("listaliases")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(cmdArguments[1]) == nil then
|
||||
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > et.trap_Cvar_Get("sv_maxclients") then
|
||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||
else
|
||||
cmdClient = tonumber(cmdArguments[1])
|
||||
|
|
@ -76,4 +76,4 @@ function commandListAliases(clientId, cmdArguments)
|
|||
|
||||
return true
|
||||
end
|
||||
commands.addadmin("listaliases", commandListAliases, "f", "display all known aliases for a player", "^9[^3name|slot#^9] ^9(^hoffset^9)", function() return (not db.isconnected()) end)
|
||||
commands.addadmin("listaliases", commandListAliases, "f", "display all known aliases for a player", "^9[^3name|slot#^9] ^9(^hoffset^9)", function() return (not db.isconnected()) end)
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@ function commandListLevels(clientId, cmdArguments)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dlistlevels: ^9level history is disabled.\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(cmdArguments[1]) == nil then
|
||||
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||
else
|
||||
cmdClient = tonumber(cmdArguments[1])
|
||||
|
|
@ -93,4 +93,4 @@ function commandListLevels(clientId, cmdArguments)
|
|||
|
||||
return true
|
||||
end
|
||||
commands.addadmin("listlevels", commandListLevels, "s", "display all levels on the server", (not db.isconnected() and nil or "^9(^3name|slot#^9) ^9(^hoffset^9)"))
|
||||
commands.addadmin("listlevels", commandListLevels, "s", "display all levels on the server", (not db.isconnected() and nil or "^9(^3name|slot#^9) ^9(^hoffset^9)"))
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ function commandPlayerLock(clientId, cmdArguments)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dplock usage: "..commands.getadmin("plock")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(cmdArguments[1]) == nil then
|
||||
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||
else
|
||||
cmdClient = tonumber(cmdArguments[1])
|
||||
|
|
@ -61,4 +61,4 @@ function commandPlayerLock(clientId, cmdArguments)
|
|||
|
||||
return true
|
||||
end
|
||||
commands.addadmin("plock", commandPlayerLock, "K", "locks a player to a specific team", "^9[^3name|slot#^9]")
|
||||
commands.addadmin("plock", commandPlayerLock, "K", "locks a player to a specific team", "^9[^3name|slot#^9]")
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ function commandPlayerUnlock(clientId, cmdArguments)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dpunlock usage: "..commands.getadmin("punlock")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(cmdArguments[1]) == nil then
|
||||
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||
else
|
||||
cmdClient = tonumber(cmdArguments[1])
|
||||
|
|
@ -53,4 +53,4 @@ function commandPlayerUnlock(clientId, cmdArguments)
|
|||
|
||||
return true
|
||||
end
|
||||
commands.addadmin("punlock", commandPlayerUnlock, "K", "unlocks a player", "^9[^3name|slot#^9]")
|
||||
commands.addadmin("punlock", commandPlayerUnlock, "K", "unlocks a player", "^9[^3name|slot#^9]")
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ local admin = require "luascripts.wolfadmin.admin.admin"
|
|||
function commandSetLevel(clientId, cmdArguments)
|
||||
if #cmdArguments < 2 then
|
||||
return false
|
||||
elseif tonumber(cmdArguments[1]) == nil then
|
||||
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||
else
|
||||
cmdClient = tonumber(cmdArguments[1])
|
||||
|
|
@ -46,4 +46,4 @@ function commandSetLevel(clientId, cmdArguments)
|
|||
|
||||
return false
|
||||
end
|
||||
commands.addadmin("setlevel", commandSetLevel, "s", "sets the admin level of a player", "^9[^3name|slot#^9] ^9[^3level^9]", true)
|
||||
commands.addadmin("setlevel", commandSetLevel, "s", "sets the admin level of a player", "^9[^3name|slot#^9] ^9[^3level^9]", true)
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ function commandShowWarns(clientId, cmdArguments)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dshowwarns usage: "..commands.getadmin("showwarns")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(cmdArguments[1]) == nil then
|
||||
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||
else
|
||||
cmdClient = tonumber(cmdArguments[1])
|
||||
|
|
@ -66,4 +66,4 @@ function commandShowWarns(clientId, cmdArguments)
|
|||
|
||||
return true
|
||||
end
|
||||
commands.addadmin("showwarns", commandShowWarns, "R", "display warnings for a specific player", "^9[^3name|slot#^9] ^9(^hoffset^9)", function() return (settings.get("g_warnHistory") == 0 or not db.isconnected()) end)
|
||||
commands.addadmin("showwarns", commandShowWarns, "R", "display warnings for a specific player", "^9[^3name|slot#^9] ^9(^hoffset^9)", function() return (settings.get("g_warnHistory") == 0 or not db.isconnected()) end)
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ function commandShowStats(clientId, cmdArguments)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dstats usage: "..commands.getadmin("stats")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(cmdArguments[1]) == nil then
|
||||
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||
else
|
||||
cmdClient = tonumber(cmdArguments[1])
|
||||
|
|
@ -94,4 +94,4 @@ function commandShowStats(clientId, cmdArguments)
|
|||
|
||||
return true
|
||||
end
|
||||
commands.addadmin("stats", commandShowStats, "I", "display the statistics for a specific player", "^9[^3name|slot#^9]")
|
||||
commands.addadmin("stats", commandShowStats, "I", "display the statistics for a specific player", "^9[^3name|slot#^9]")
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ function commandVoiceMute(clientId, cmdArguments)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dvmute usage: "..commands.getadmin("vmute")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(cmdArguments[1]) == nil then
|
||||
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||
else
|
||||
cmdClient = tonumber(cmdArguments[1])
|
||||
|
|
@ -75,4 +75,4 @@ function commandVoiceMute(clientId, cmdArguments)
|
|||
|
||||
return true
|
||||
end
|
||||
commands.addadmin("vmute", commandVoiceMute, "m", "voicemutes a player", "^9[^3name|slot#^9]")
|
||||
commands.addadmin("vmute", commandVoiceMute, "m", "voicemutes a player", "^9[^3name|slot#^9]")
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ function commandVoiceUnmute(clientId, cmdArguments)
|
|||
et.trap_SendConsoleCommand(et.EXEC_APPEND, "csay "..clientId.." \"^dvunmute usage: "..commands.getadmin("vunmute")["syntax"].."\";")
|
||||
|
||||
return true
|
||||
elseif tonumber(cmdArguments[1]) == nil then
|
||||
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||
else
|
||||
cmdClient = tonumber(cmdArguments[1])
|
||||
|
|
@ -51,4 +51,4 @@ function commandVoiceUnmute(clientId, cmdArguments)
|
|||
|
||||
return true
|
||||
end
|
||||
commands.addadmin("vunmute", commandVoiceUnmute, "m", "unvoicemutes a player", "^9[^3name|slot#^9]")
|
||||
commands.addadmin("vunmute", commandVoiceUnmute, "m", "unvoicemutes a player", "^9[^3name|slot#^9]")
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ function commandAddWarn(clientId, cmdArguments)
|
|||
return false
|
||||
elseif #cmdArguments < 2 then
|
||||
return false
|
||||
elseif tonumber(cmdArguments[1]) == nil then
|
||||
elseif tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||
else
|
||||
cmdClient = tonumber(cmdArguments[1])
|
||||
|
|
@ -41,4 +41,4 @@ function commandAddWarn(clientId, cmdArguments)
|
|||
|
||||
return false
|
||||
end
|
||||
commands.addadmin("warn", commandAddWarn, "R", "warns a player by displaying the reason", "^9[^3name|slot#^9] ^9[^3reason^9]", true)
|
||||
commands.addadmin("warn", commandAddWarn, "R", "warns a player by displaying the reason", "^9[^3name|slot#^9] ^9[^3reason^9]", true)
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ function commandPersonalMessage(clientId, cmdArguments)
|
|||
if #cmdArguments > 1 then
|
||||
local cmdClient
|
||||
|
||||
if tonumber(cmdArguments[1]) == nil then
|
||||
if tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||
else
|
||||
cmdClient = tonumber(cmdArguments[1])
|
||||
|
|
@ -36,4 +36,4 @@ function commandPersonalMessage(clientId, cmdArguments)
|
|||
end
|
||||
end
|
||||
commands.addclient("pm", commandPersonalMessage, "", "", true)
|
||||
commands.addclient("m", commandPersonalMessage, "", "", true)
|
||||
commands.addclient("m", commandPersonalMessage, "", "", true)
|
||||
|
|
|
|||
|
|
@ -127,7 +127,7 @@ function commands.log(clientId, command, cmdArguments)
|
|||
if cmdArguments[1] then
|
||||
local cmdClient
|
||||
|
||||
if tonumber(cmdArguments[1]) == nil then
|
||||
if tonumber(cmdArguments[1]) == nil or tonumber(cmdArguments[1]) > tonumber(et.trap_Cvar_Get("sv_maxclients")) then
|
||||
cmdClient = et.ClientNumberFromString(cmdArguments[1])
|
||||
else
|
||||
cmdClient = tonumber(cmdArguments[1])
|
||||
|
|
@ -333,4 +333,4 @@ function commands.onclientcommand(clientId, cmdText)
|
|||
end
|
||||
events.handle("onClientCommand", commands.onclientcommand)
|
||||
|
||||
return commands
|
||||
return commands
|
||||
|
|
|
|||
Loading…
Reference in a new issue