TG: Some fixes for topic calls and inputs.

There's like 1001 things to fix so some of this is somewhat crude for now. new helper proc located in procs/helpers.dm reject_bad_text(var/text) just feed any text in and it will either return the original text or null (if it contains odd characters such as \ / < > or characters reserved by BYOND. It also rejects if there are no non-whitespace characters) Revision: r3571 Author: elly1...@rocketmail.com
2025-12-27 18:41:59 +00:00 · 2012-05-10 03:02:56 +01:00
parent 3c9b734c2f
commit 8aae642d83
8 changed files with 674 additions and 620 deletions
--- a/code/defines/procs/helpers.dm
+++ b/code/defines/procs/helpers.dm
@@ -127,6 +127,19 @@
 			index = findtext(t, char)
 	return t

+//For sanitizing user inputs
+/proc/reject_bad_text(var/text)
+	if(length(text) > 512)	return			//message too long
+	var/non_whitespace = 0
+	for(var/i=1, i<=length(text), i++)
+		switch(text2ascii(text,i))
+			if(62,60,92,47)	return			//rejects the text if it contains these bad characters: <, >, \ or /
+			if(127 to 255)	return			//rejects weird letters like <20>
+			if(0 to 31)		return			//more weird stuff
+			if(32)							//whitespace
+			else			non_whitespace = 1
+	if(non_whitespace)		return text		//only accepts the text if it has some non-spaces
+
 /proc/strip_html_simple(var/t,var/limit=MAX_MESSAGE_LEN)
 	var/list/strip_chars = list("<",">","&","'")
 	t = copytext(t,1,limit)
--- a/code/defines/world.dm
+++ b/code/defines/world.dm
@@ -6,12 +6,12 @@ world


 	Topic(href, href_list[])
-		world << "Received a Topic() call!"
-		world << "[href]"
-		for(var/a in href_list)
-			world << "[a]"
-		if(href_list["hello"])
-			world << "Hello world!"
-			return "Hello world!"
-		world << "End of Topic() call."
-		..()
+//		world << "Received a Topic() call!"
+//		world << "[href]"
+//		for(var/a in href_list)
+//			world << "[a]"
+//		if(href_list["hello"])
+//			world << "Hello world!"
+//			return "Hello world!"
+//		world << "End of Topic() call."
+//		..()