cyberpresidentvanellope/CHOMPStation2
1
0
Fork 0
mirror of https://github.com/CHOMPStation2/CHOMPStation2.git synced 2025-12-11 10:43:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

sanitize() refactor: third pass (misc)

Browse Source
This commit is contained in:
volas
2015-03-25 01:05:21 +03:00
parent f8822626bb
commit 5fee41d4ba
31 changed files with 68 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
code/modules/admin/DB ban/functions.dm
View File

@@ -181,7 +181,7 @@ datum/admins/proc/DB_ban_edit(var/banid = null, var/param = null)
switch(param)
if("reason")
if(!value)
value = input("Insert the new reason for [pckey]'s ban", "New Reason", "[reason]", null) as null|text
value = sanitize(input("Insert the new reason for [pckey]'s ban", "New Reason", "[reason]", null) as null|text)
value = sql_sanitize_text(value)
if(!value)
usr << "Cancelled"

2
code/modules/admin/admin.dm
View File

@@ -725,7 +725,7 @@ var/global/floorIsLava = 0
set desc="Announce your desires to the world"
if(!check_rights(0)) return
var/message = input("Global message to send:", "Admin Announce", null, null) as message
var/message = input("Global message to send:", "Admin Announce", null, null) as message//todo: sanitize for all?
if(message)
if(!check_rights(R_SERVER,0))
message = sanitize(message, 500, extra = 0)

2
code/modules/admin/admin_memo.dm
View File

@@ -16,7 +16,7 @@
/client/proc/admin_memo_write()
var/savefile/F = new(MEMOFILE)
if(F)
var/memo = input(src,"Type your memo\n(Leaving it blank will delete your current memo):","Write Memo",null) as null|message
var/memo = sanitize(input(src,"Type your memo\n(Leaving it blank will delete your current memo):","Write Memo",null) as null|message, extra = 0)
switch(memo)
if(null)
return

2
code/modules/admin/admin_verbs.dm
View File

@@ -616,7 +616,7 @@ var/list/admin_verbs_mentor = list(
set name = "Make Sound"
set desc = "Display a message to everyone who can hear the target"
if(O)
var/message = input("What do you want the message to be?", "Make Sound") as text|null
var/message = sanitize(input("What do you want the message to be?", "Make Sound") as text|null)
if(!message)
return
for (var/mob/V in hearers(O))

21
code/modules/admin/topic.dm
View File

@@ -328,12 +328,12 @@
mins = min(525599,mins)
minutes = CMinutes + mins
duration = GetExp(minutes)
reason = input(usr,"Reason?","reason",reason2) as text|null
reason = sanitize(input(usr,"Reason?","reason",reason2) as text|null)
if(!reason) return
if("No")
temp = 0
duration = "Perma"
reason = input(usr,"Reason?","reason",reason2) as text|null
reason = sanitize(input(usr,"Reason?","reason",reason2) as text|null)
if(!reason) return
log_admin("[key_name(usr)] edited [banned_key]'s ban. Reason: [reason] Duration: [duration]")
@@ -655,7 +655,7 @@
var/mins = input(usr,"How long (in minutes)?","Ban time",1440) as num|null
if(!mins)
return
var/reason = input(usr,"Reason?","Please State Reason","") as text|null
var/reason = sanitize(input(usr,"Reason?","Please State Reason","") as text|null)
if(!reason)
return
@@ -680,7 +680,7 @@
return 1
if("No")
if(!check_rights(R_BAN)) return
var/reason = input(usr,"Reason?","Please State Reason","") as text|null
var/reason = sanitize(input(usr,"Reason?","Please State Reason","") as text|null)
if(reason)
var/msg
for(var/job in notbannedlist)
@@ -737,7 +737,7 @@
if (ismob(M))
if(!check_if_greater_rights_than(M.client))
return
var/reason = input("Please enter reason")
var/reason = sanitize(input("Please enter reason"))
if(!reason)
M << "\red You have been kicked from the server"
else
@@ -794,7 +794,7 @@
if(!mins)
return
if(mins >= 525600) mins = 525599
var/reason = input(usr,"Reason?","reason","Griefer") as text|null
var/reason = sanitize(input(usr,"Reason?","reason","Griefer") as text|null)
if(!reason)
return
AddBan(M.ckey, M.computer_id, reason, usr.ckey, 1, mins)
@@ -815,7 +815,7 @@
//del(M) // See no reason why to delete mob. Important stuff can be lost. And ban can be lifted before round ends.
if("No")
if(!check_rights(R_BAN)) return
var/reason = input(usr,"Reason?","reason","Griefer") as text|null
var/reason = sanitize(input(usr,"Reason?","reason","Griefer") as text|null)
if(!reason)
return
switch(alert(usr,"IP ban?",,"Yes","No","Cancel"))
@@ -1379,7 +1379,7 @@
usr << "The person you are trying to contact is not wearing a headset"
return
var/input = input(src.owner, "Please enter a message to reply to [key_name(H)] via their headset.","Outgoing message from Centcomm", "")
var/input = sanitize(input(src.owner, "Please enter a message to reply to [key_name(H)] via their headset.","Outgoing message from Centcomm", ""))
if(!input) return
src.owner << "You sent [input] to [H] via a secure channel."
@@ -1396,7 +1396,7 @@
usr << "The person you are trying to contact is not wearing a headset"
return
var/input = input(src.owner, "Please enter a message to reply to [key_name(H)] via their headset.","Outgoing message from a shadowy figure...", "")
var/input = sanitize(input(src.owner, "Please enter a message to reply to [key_name(H)] via their headset.","Outgoing message from a shadowy figure...", ""))
if(!input) return
src.owner << "You sent [input] to [H] via a secure channel."
@@ -1443,6 +1443,7 @@
var/mob/sender = locate(href_list["CentcommFaxReply"])
var/obj/machinery/photocopier/faxmachine/fax = locate(href_list["originfax"])
//todo: sanitize
var/input = input(src.owner, "Please enter a message to reply to [key_name(sender)] via secure connection. NOTE: BBCode does not work, but HTML tags do! Use <br> for line breaks.", "Outgoing message from Centcomm", "") as message|null
if(!input) return
@@ -2652,7 +2653,7 @@
if(href_list["add_player_info"])
var/key = href_list["add_player_info"]
var/add = input("Add Player Info") as null|text
var/add = sanitize(input("Add Player Info") as null|text)
if(!add) return
notes_add(key,add,usr)

3
code/modules/admin/verbs/adminpm.dm
View File

@@ -60,6 +60,7 @@
return
//clean the message if it's not sent by a high-rank admin
//todo: sanitize for all???
if(!check_rights(R_SERVER|R_DEBUG,0))
msg = sanitize(msg)
if(!msg) return
@@ -91,7 +92,7 @@
spawn(0) //so we don't hold the caller proc up
var/sender = src
var/sendername = key
var/reply = input(C, msg,"[recieve_pm_type] PM from [sendername]", "") as text|null //show message and await a reply
var/reply = sanitize(input(C, msg,"[recieve_pm_type] PM from [sendername]", "") as text|null) //show message and await a reply
if(C && reply)
if(sender)
C.cmd_admin_pm(sender,reply) //sender is still about, let's reply to them

6
code/modules/admin/verbs/custom_event.dm
View File

@@ -7,7 +7,7 @@
src << "Only administrators may use this command."
return
var/input = input(usr, "Enter the description of the custom event. Be descriptive. To cancel the event, make this blank or hit cancel.", "Custom Event", custom_event_msg) as message|null
var/input = sanitize(input(usr, "Enter the description of the custom event. Be descriptive. To cancel the event, make this blank or hit cancel.", "Custom Event", custom_event_msg) as message|null, MAX_BOOK_MESSAGE_LEN, extra = 0)
if(!input || input == "")
custom_event_msg = null
log_admin("[usr.key] has cleared the custom event text.")
@@ -21,7 +21,7 @@
world << "<h1 class='alert'>Custom Event</h1>"
world << "<h2 class='alert'>A custom event is starting. OOC Info:</h2>"
world << "<span class='alert'>[html_encode(custom_event_msg)]</span>"
world << "<span class='alert'>[custom_event_msg]</span>"
world << "<br>"
// normal verb for players to view info
@@ -36,5 +36,5 @@
src << "<h1 class='alert'>Custom Event</h1>"
src << "<h2 class='alert'>A custom event is taking place. OOC Info:</h2>"
src << "<span class='alert'>[html_encode(custom_event_msg)]</span>"
src << "<span class='alert'>[custom_event_msg]</span>"
src << "<br>"

2
code/modules/admin/verbs/debug.dm
View File

@@ -205,7 +205,7 @@ But you can call procs that are of type /mob/living/carbon/human/proc/ for that
return 0
var/obj/item/device/paicard/card = new(T)
var/mob/living/silicon/pai/pai = new(card)
pai.name = input(choice, "Enter your pAI name:", "pAI Name", "Personal AI") as text
pai.name = sanitizeSafe(input(choice, "Enter your pAI name:", "pAI Name", "Personal AI") as text)
pai.real_name = pai.name
pai.key = choice.key
card.setPersonality(pai)

2
code/modules/admin/verbs/massmodvar.dm
View File

@@ -168,7 +168,7 @@
return .(O.vars[variable])
if("text")
var/new_value = input("Enter new text:","Text",O.vars[variable]) as text|null
var/new_value = input("Enter new text:","Text",O.vars[variable]) as text|null//todo: sanitize ???
if(new_value == null) return
O.vars[variable] = new_value

8
code/modules/admin/verbs/modifyvariables.dm
View File

@@ -44,7 +44,7 @@ var/list/forbidden_varedit_object_types = list(
switch(class)
if("text")
var_value = input("Enter new text:","Text") as null|text
var_value = input("Enter new text:","Text") as null|text//todo: sanitize ???
if("num")
var_value = input("Enter new number:","Num") as null|num
@@ -93,7 +93,7 @@ var/list/forbidden_varedit_object_types = list(
switch(class)
if("text")
var_value = input("Enter new text:","Text") as text
var_value = input("Enter new text:","Text") as text//todo: sanitize ???
if("num")
var_value = input("Enter new number:","Num") as num
@@ -243,7 +243,7 @@ var/list/forbidden_varedit_object_types = list(
return
if("text")
L[L.Find(variable)] = input("Enter new text:","Text") as text
L[L.Find(variable)] = input("Enter new text:","Text") as text//todo: sanitize ???
if("num")
L[L.Find(variable)] = input("Enter new number:","Num") as num
@@ -450,7 +450,7 @@ var/list/forbidden_varedit_object_types = list(
return .(O.vars[variable])
if("text")
var/var_new = input("Enter new text:","Text",O.vars[variable]) as null|text
var/var_new = input("Enter new text:","Text",O.vars[variable]) as null|text//todo: sanitize ???
if(var_new==null) return
O.vars[variable] = var_new

12
code/modules/admin/verbs/randomverbs.dm
View File

@@ -52,7 +52,7 @@
src << "Only administrators may use this command."
return
var/msg = input("Message:", text("Subtle PM to [M.key]")) as text
var/msg = sanitize(input("Message:", text("Subtle PM to [M.key]")) as text)
if (!msg)
return
@@ -109,7 +109,7 @@
src << "Only administrators may use this command."
return
var/msg = input("Message:", text("Enter the text you wish to appear to everyone:")) as text
var/msg = sanitize(input("Message:", text("Enter the text you wish to appear to everyone:")) as text)
if (!msg)
return
@@ -132,7 +132,7 @@
if(!M)
return
var/msg = input("Message:", text("Enter the text you wish to appear to your target:")) as text
var/msg = sanitize(input("Message:", text("Enter the text you wish to appear to your target:")) as text)
if( !msg )
return
@@ -475,7 +475,7 @@ Traitors and the like can also be revived with the previous role mostly intact.
if(!holder)
src << "Only administrators may use this command."
return
var/input = input(usr, "Please enter anything you want the AI to do. Anything. Serious.", "What?", "") as text|null
var/input = sanitize(input(usr, "Please enter anything you want the AI to do. Anything. Serious.", "What?", "") as text|null)
if(!input)
return
for(var/mob/living/silicon/ai/M in mob_list)
@@ -523,8 +523,8 @@ Traitors and the like can also be revived with the previous role mostly intact.
if(!holder)
src << "Only administrators may use this command."
return
var/input = input(usr, "Please enter anything you want. Anything. Serious.", "What?", "") as message|null
var/customname = input(usr, "Pick a title for the report.", "Title") as text|null
var/input = sanitize(input(usr, "Please enter anything you want. Anything. Serious.", "What?", "") as message|null, extra = 0)
var/customname = sanitizeSafe(input(usr, "Pick a title for the report.", "Title") as text|null)
if(!input)
return
if(!customname)