Some fixes for topic calls and inputs.

There's like 1001 things to fix so some of this is somewhat crude for now. new helper proc located in procs/helpers.dm reject_bad_text(var/text) just feed any text in and it will either return the original text or null (if it contains odd characters such as \ / < > or characters reserved by BYOND. It also rejects if there are no non-whitespace characters) git-svn-id: http://tgstation13.googlecode.com/svn/trunk@3571 316c924e-a436-60f5-8080-3fe189b3f50e
2025-12-11 02:34:00 +00:00 · 2012-05-09 11:34:11 +00:00
parent 13dc140188
commit 15bf7ea10a
8 changed files with 674 additions and 602 deletions
--- a/code/defines/procs/helpers.dm
+++ b/code/defines/procs/helpers.dm
@@ -125,6 +125,19 @@
 			index = findtext(t, char)
 	return t

+//For sanitizing user inputs
+/proc/reject_bad_text(var/text)
+	if(length(text) > 512)	return			//message too long
+	var/non_whitespace = 0
+	for(var/i=1, i<=length(text), i++)
+		switch(text2ascii(text,i))
+			if(62,60,92,47)	return			//rejects the text if it contains these bad characters: <, >, \ or /
+			if(127 to 255)	return			//rejects weird letters like <20>
+			if(0 to 31)		return			//more weird stuff
+			if(32)							//whitespace
+			else			non_whitespace = 1
+	if(non_whitespace)		return text		//only accepts the text if it has some non-spaces
+
 /proc/strip_html_simple(var/t,var/limit=MAX_MESSAGE_LEN)
 	var/list/strip_chars = list("<",">")
 	t = copytext(t,1,limit)