sanitize() refactor: fourth pass

code/__HELPERS/text.dm

@@ -183,7 +183,7 @@
 
 /proc/replace_characters(var/t,var/list/repl_chars)
 	for(var/char in repl_chars)
-		replacetext(t, char, repl_chars[char])
+		t = replacetext(t, char, repl_chars[char])
 	return t
 
 //Adds 'u' number of zeros ahead of the text 't'

code/defines/procs/announce.dm

@@ -30,13 +30,14 @@
 	title = "Security Announcement"
 	announcement_type = "Security Announcement"
 
-/datum/announcement/proc/Announce(var/message as text, var/new_title = "", var/new_sound = null, var/do_newscast = newscast)
+/datum/announcement/proc/Announce(var/message as text, var/new_title = "", var/new_sound = null, var/do_newscast = newscast, var/msg_sanitized = 0)
 	if(!message)
 		return
 	var/message_title = new_title ? new_title : title
 	var/message_sound = new_sound ? new_sound : sound
 
-	message = sanitize(message, extra = 0)
+	if(!msg_sanitized)
+		message = sanitize(message, extra = 0)
 	message_title = sanitizeSafe(message_title)
 
 	Message(message, message_title)

code/game/machinery/camera/camera_assembly.dm

@@ -90,7 +90,7 @@
 
 				var/area/camera_area = get_area(src)
 				var/temptag = "[sanitize(camera_area.name)] ([rand(1, 999)])"
-				input = sanitizeSafe(input(usr, "How would you like to name the camera?", "Set Camera Name", temptag))
+				input = sanitizeSafe(input(usr, "How would you like to name the camera?", "Set Camera Name", temptag), MAX_NAME_LEN)
 
 				state = 4
 				var/obj/machinery/camera/C = new(src.loc)

code/game/machinery/newscaster.dm

@@ -496,7 +496,7 @@ var/list/obj/machinery/newscaster/allCasters = list() //Global list that will co
 	if ((usr.contents.Find(src) || ((get_dist(src, usr) <= 1) && istype(src.loc, /turf))) || (istype(usr, /mob/living/silicon)))
 		usr.set_machine(src)
 		if(href_list["set_channel_name"])
-			src.channel_name = sanitizeSafe(input(usr, "Provide a Feed Channel Name", "Network Channel Handler", ""))
+			src.channel_name = sanitizeSafe(input(usr, "Provide a Feed Channel Name", "Network Channel Handler", ""), MAX_LNAME_LEN)
 			src.updateUsrDialog()
 			//src.update_icon()
 
@@ -596,7 +596,7 @@ var/list/obj/machinery/newscaster/allCasters = list() //Global list that will co
 			src.updateUsrDialog()
 
 		else if(href_list["set_wanted_name"])
-			src.channel_name = sanitizeSafe(input(usr, "Provide the name of the Wanted person", "Network Security Handler", ""))
+			src.channel_name = sanitizeSafe(input(usr, "Provide the name of the Wanted person", "Network Security Handler", ""), MAX_LNAME_LEN)
 			src.updateUsrDialog()
 
 		else if(href_list["set_wanted_desc"])

code/game/machinery/portable_turret.dm

@@ -817,8 +817,7 @@
 				return
 
 	if(istype(I, /obj/item/weapon/pen))	//you can rename turrets like bots!
-		var/t = input(user, "Enter new turret name", name, finish_name) as text
-		t = sanitize(t)
+		var/t = sanitizeSafe(input(user, "Enter new turret name", name, finish_name) as text, MAX_NAME_LEN)
 		if(!t)
 			return
 		if(!in_range(src, usr) && loc != usr)

code/game/machinery/requests_console.dm

@@ -250,7 +250,7 @@ var/list/obj/machinery/requests_console/allConsoles = list()
 
 	if(href_list["sendAnnouncement"])
 		if(!announcementConsole)	return
-		announcement.Announce(message)
+		announcement.Announce(message, msg_sanitized = 1)
 		reset_announce()
 		screen = 0
 

code/game/objects/items/bodybag.dm

@@ -49,7 +49,7 @@
 			return
 		if (!in_range(src, user) && src.loc != user)
 			return
-		t = sanitize(t)
+		t = sanitizeSafe(t, MAX_NAME_LEN)
 		if (t)
 			src.name = "body bag - "
 			src.name += t

code/game/objects/items/weapons/cards_ids.dm

@@ -224,13 +224,13 @@
 /obj/item/weapon/card/id/syndicate/attack_self(mob/user as mob)
 	if(!src.registered_name)
 		//Stop giving the players unsanitized unputs! You are giving ways for players to intentionally crash clients! -Nodrak
-		var t = sanitizeName(input(user, "What name would you like to put on this card?", "Agent card name", ishuman(user) ? user.real_name : user.name))
+		var t = sanitizeName(input(user, "What name would you like to put on this card?", "Agent card name", ishuman(user) ? user.real_name : user.name), MAX_NAME_LEN)
 		if(!t) //Same as mob/new_player/prefrences.dm
 			alert("Invalid name.")
 			return
 		src.registered_name = t
 
-		var u = sanitize(input(user, "What occupation would you like to put on this card?\nNote: This will not grant any access levels other than Maintenance.", "Agent card job assignment", "Agent"))
+		var u = sanitize(input(user, "What occupation would you like to put on this card?\nNote: This will not grant any access levels other than Maintenance.", "Agent card job assignment", "Agent"), MAX_LNAME_LEN)
 		if(!u)
 			alert("Invalid assignment.")
 			src.registered_name = ""

code/game/objects/items/weapons/implants/implantcase.dm

@@ -26,7 +26,7 @@
 			return
 		if((!in_range(src, usr) && src.loc != user))
 			return
-		t = sanitize(t)
+		t = sanitizeSafe(t, MAX_NAME_LEN)
 		if(t)
 			src.name = text("Glass Case - '[]'", t)
 		else

code/game/objects/structures/mirror.dm

@@ -83,8 +83,7 @@
 				if(user.mind)
 					user.mind.transfer_to(vox)
 				spawn(1)
-					var/newname = input(vox,"Enter a name, or leave blank for the default name.", "Name change","") as text
-					newname = sanitize(newname)
+					var/newname = sanitizeSafe(input(vox,"Enter a name, or leave blank for the default name.", "Name change","") as text, MAX_NAME_LEN)
 					if(!newname || newname == "")
 						var/datum/language/L = all_languages[vox.species.default_language]
 						newname = L.get_random_name()

code/game/objects/structures/morgue.dm

@@ -92,7 +92,7 @@
 			return
 		if ((!in_range(src, usr) && src.loc != user))
 			return
-		t = sanitize(t)
+		t = sanitizeSafe(t, MAX_NAME_LEN)
 		if (t)
 			src.name = text("Morgue- '[]'", t)
 		else
@@ -258,7 +258,7 @@
 			return
 		if ((!in_range(src, usr) > 1 && src.loc != user))
 			return
-		t = sanitize(t)
+		t = sanitizeSafe(t, MAX_NAME_LEN)
 		if (t)
 			src.name = text("Crematorium- '[]'", t)
 		else

code/modules/clothing/spacesuits/rig/modules/utility.dm

@@ -280,7 +280,7 @@
 			voice_holder.active = 0
 			usr << "<font color='blue'>You disable the speech synthesiser.</font>"
 		if("Set Name")
-			var/raw_choice = sanitize(input(usr, "Please enter a new name.")  as text|null)
+			var/raw_choice = sanitize(input(usr, "Please enter a new name.")  as text|null, MAX_NAME_LEN)
 			if(!raw_choice)
 				return 0
 			voice_holder.voice = raw_choice

code/modules/economy/EFTPOS.dm

@@ -167,7 +167,7 @@
 			if("change_id")
 				var/attempt_code = text2num(input("Re-enter the current EFTPOS access code", "Confirm EFTPOS code"))
 				if(attempt_code == access_code)
-					eftpos_name = sanitize(input("Enter a new terminal ID for this device", "Enter new EFTPOS ID")) + " EFTPOS scanner"
+					eftpos_name = sanitize(input("Enter a new terminal ID for this device", "Enter new EFTPOS ID"), MAX_NAME_LEN) + " EFTPOS scanner"
 					print_reference()
 				else
 					usr << "\icon[src]<span class='warning'>Incorrect code entered.</span>"

code/modules/hydroponics/seed_mobs.dm

@@ -73,8 +73,7 @@
 		host << "<B>You are [host], one of a race of drifting interstellar plantlike creatures that sometimes share their seeds with human traders.</B>"
 		host << "<B>Too much darkness will send you into shock and starve you, but light will help you heal.</B>"
 
-	var/newname = input(host,"Enter a name, or leave blank for the default name.", "Name change","") as text
-	newname = sanitize(newname)
+	var/newname = sanitizeSafe(input(host,"Enter a name, or leave blank for the default name.", "Name change","") as text, MAX_NAME_LEN)
 	if (newname != "")
 		host.real_name = newname
 		host.name = host.real_name

code/modules/library/lib_items.dm

@@ -31,7 +31,7 @@
 		O.loc = src
 		update_icon()
 	else if(istype(O, /obj/item/weapon/pen))
-		var/newname = sanitizeSafe(input("What would you like to title this bookshelf?"), MAX_MESSAGE_LEN)
+		var/newname = sanitizeSafe(input("What would you like to title this bookshelf?"), MAX_NAME_LEN)
 		if(!newname)
 			return
 		else

code/modules/mob/dead/observer/say.dm

@@ -18,7 +18,7 @@
 
 
 /mob/dead/observer/emote(var/act, var/type, var/message)
-	message = sanitize(message)
+	//message = sanitize(message) - already sanitized in verb/me_verb()
 
 	if(!message)
 		return

code/modules/mob/living/carbon/brain/say.dm

@@ -3,6 +3,8 @@
 	if (silent)
 		return
 
+	message = sanitize(message)
+
 	if(!(container && istype(container, /obj/item/device/mmi)))
 		return //No MMI, can't speak, bucko./N
 	else

code/modules/mob/living/carbon/human/human.dm

@@ -863,11 +863,11 @@
 	var/list/creatures = list()
 	for(var/mob/living/carbon/h in world)
 		creatures += h
-	var/mob/target = input ("Who do you want to project your mind to ?") as null|anything in creatures
+	var/mob/target = input("Who do you want to project your mind to ?") as null|anything in creatures
 	if (isnull(target))
 		return
 
-	var/say = input ("What do you wish to say")
+	var/say = sanitize(input("What do you wish to say"))
 	if(mRemotetalk in target.mutations)
 		target.show_message("\blue You hear [src.real_name]'s voice: [say]")
 	else
@@ -1368,4 +1368,4 @@
 /mob/living/carbon/human/drop_from_inventory(var/obj/item/W, var/atom/Target = null)
 	if(W in organs)
 		return
-	..()
+	..()

code/modules/mob/living/carbon/metroid/say.dm

@@ -1,4 +1,7 @@
 /mob/living/carbon/slime/say(var/message)
+
+	message = sanitize(message)
+
 	var/verb = say_quote(message)
 
 	if(copytext(message,1,2) == "*")

code/modules/mob/living/silicon/pai/recruit.dm

@@ -55,9 +55,9 @@ var/datum/paiController/paiController			// Global handler for pAI candidates
 
 		switch(option)
 			if("name")
-				t = input("Enter a name for your pAI", "pAI Name", candidate.name) as text
+				t = sanitizeSafe(input("Enter a name for your pAI", "pAI Name", candidate.name) as text, MAX_NAME_LEN)
 				if(t)
-					candidate.name = sanitizeSafe(t, MAX_NAME_LEN)
+					candidate.name = t
 			if("desc")
 				t = input("Enter a description for your pAI", "pAI Description", candidate.description) as message
 				if(t)

code/modules/mob/living/simple_animal/parrot.dm

@@ -714,7 +714,7 @@
 	if(message_mode)
 		if(message_mode in radiochannels)
 			if(ears && istype(ears,/obj/item/device/radio))
-				ears.talk_into(src,message, message_mode, verb, null)
+				ears.talk_into(src,sanitize(message), message_mode, verb, null)
 
 
 	..(message)

code/modules/mob/mob.dm

@@ -263,7 +263,6 @@
 	set name = "Add Note"
 	set category = "IC"
 
-	msg = copytext(msg, 1, MAX_MESSAGE_LEN)
 	msg = sanitize(msg)
 
 	if(mind)

code/modules/paperwork/handlabeler.dm

@@ -58,7 +58,7 @@
 	if(mode)
 		user << "<span class='notice'>You turn on \the [src].</span>"
 		//Now let them chose the text.
-		var/str = copytext(reject_bad_text(input(user,"Label text?","Set label","")),1,MAX_NAME_LEN)
+		var/str = sanitizeSafe(input(user,"Label text?","Set label",""), MAX_NAME_LEN)
 		if(!str || !length(str))
 			user << "<span class='notice'>Invalid text.</span>"
 			return

code/modules/reagents/Chemistry-Machinery.dm

@@ -406,7 +406,7 @@
 				if(type in diseases) // Make sure this is a disease
 					D = new type(0, null)
 			var/list/data = list("viruses"=list(D))
-			var/name = sanitizeSafe(input(usr,"Name:","Name the culture",D.name))
+			var/name = sanitizeSafe(input(usr,"Name:","Name the culture",D.name), MAX_NAME_LEN)
 			if(!name || name == " ") name = D.name
 			B.name = "[name] culture bottle"
 			B.desc = "A small bottle. Contains [D.agent] culture in synthblood medium."

code/setup.dm

@@ -255,7 +255,7 @@
 #define slot_legs        21
 #define slot_tie         22
 
-// Mob sprite sheets. These need to be strings as numbers 
+// Mob sprite sheets. These need to be strings as numbers
 // cannot be used as associative list keys.
 #define icon_l_hand		"slot_l_hand"
 #define icon_r_hand		"slot_r_hand"
@@ -756,6 +756,7 @@ var/list/be_special_flags = list(
 #define MAX_MESSAGE_LEN       1024
 #define MAX_PAPER_MESSAGE_LEN 3072
 #define MAX_BOOK_MESSAGE_LEN  9216
+#define MAX_LNAME_LEN         64
 #define MAX_NAME_LEN          26
 
 // Event defines.