cyberpresidentvanellope/CHOMPStation2
1
0
Fork 0
mirror of https://github.com/CHOMPStation2/CHOMPStation2.git synced 2025-12-13 03:33:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
eda9677ab2001e71cd7430ddc07eb08614f47cf4
CHOMPStation2/code/modules/client/client procs.dm
baloh.matevz@gmail.com 9a94312431 - Added spam-prevention code. If someone sends the same message 5 times in a row, they will get the message "You are nearing the spam filter limit for identical messages." If they continue to send the same message (if they send it 10 times in total) they will get an auto-mute for the channel they are sending it through. The number of identical messages which triggers a warning and automute can be configured in setup.dm 
- Added channel-specific admin muting. Admins can now mute someone from IC (say, me and whisper), OOC, PRAY, ADMINHELP (adminhelp, admin pm and asay) and DEADCHAT (say while dead and dsay)
- Added a (?) to adminhelps and prayers which displays the same quick overview that all the other (?)-s show, but for the person adminhelping or praying.

git-svn-id: http://tgstation13.googlecode.com/svn/trunk@3888 316c924e-a436-60f5-8080-3fe189b3f50e
2012-06-22 05:54:43 +00:00

116 lines
3.9 KiB
Plaintext
Raw Blame History

////////////
//SECURITY//
////////////
#define TOPIC_SPAM_DELAY 4 //4 tick delay is about half a second
// REDUCED because holy fucking balls the delay was too damn high
#define UPLOAD_LIMIT 1048576 //Restricts client uploads to the server to 1MB //Could probably do with being lower.
/*
When somebody clicks a link in game, this Topic is called first.
It does the stuff in this proc and then is redirected to the Topic() proc for the src=[0xWhatever]
(if specified in the link). ie locate(hsrc).Topic()
Such links can be spoofed.
Because of this certain things MUST be considered whenever adding a Topic() for something:
- Can it be fed harmful values which could cause runtimes?
- Is the Topic call an admin-only thing?
- If so, does it have checks to see if the person who called it (usr.client) is an admin?
- Are the processes being called by Topic() particularly laggy?
- If so, is there any protection against somebody spam-clicking a link?
If you have any questions about this stuff feel free to ask. ~Carn
*/
/client/Topic(href, href_list, hsrc)
//Reduces spamming of links by dropping calls that happen during the delay period
if(next_allowed_topic_time > world.time)
// src << "\red DEBUG: Error: SPAM"
return
next_allowed_topic_time = world.time + TOPIC_SPAM_DELAY
//search the href for script injection
if( findtext(href,"<script",1,0) )
world.log << "Attempted use of scripts within a topic call, by [src]"
message_admins("Attempted use of scripts within a topic call, by [src]")
del(usr)
return
//Admin PM
if(href_list["priv_msg"])
var/client/C = locate(href_list["priv_msg"])
if(ismob(C)) //Old stuff can feed-in mobs instead of clients
var/mob/M = C
C = M.client
cmd_admin_pm(C,null)
return
//Logs all hrefs
if(config && config.log_hrefs && href_logfile)
href_logfile << "<small>[time2text(world.timeofday,"hh:mm")] [src] (usr:[usr])</small> || [href]<br>"
if(view_var_Topic(href,href_list,hsrc)) //Until viewvars can be rewritten as datum/admins/Topic()
return
..() //redirect to [locate(hsrc)]/Topic()
/client/proc/handle_spam_prevention(var/message, var/mute_type)
if(src.last_message == message)
src.last_message_count++
if(src.last_message_count >= SPAM_TRIGGER_AUTOMUTE)
src << "\red You have exceeded the spam filter limit for identical messages. An auto-mute was applied."
cmd_admin_mute(src.mob, mute_type, 1)
return 1
if(src.last_message_count >= SPAM_TRIGGER_WARNING)
src << "\red You are nearing the spam filter limit for identical messages."
return 0
else
last_message = message
src.last_message_count = 0
return 0
//This stops files larger than UPLOAD_LIMIT being sent from client to server via input(), client.Import() etc.
/client/AllowUpload(filename, filelength)
if(filelength > UPLOAD_LIMIT)
src << "<font color='red'>Error: AllowUpload(): File Upload too large. Upload Limit: [UPLOAD_LIMIT/1024]KiB.</font>"
return 0
/* //Don't need this at the moment. But it's here if it's needed later.
//Helps prevent multiple files being uploaded at once. Or right after eachother.
var/time_to_wait = fileaccess_timer - world.time
if(time_to_wait > 0)
src << "<font color='red'>Error: AllowUpload(): Spam prevention. Please wait [round(time_to_wait/10)] seconds.</font>"
return 0
fileaccess_timer = world.time + FTPDELAY */
return 1
///////////
//CONNECT//
///////////
/client/New()
//Connection-Type Checking
if( connection != "seeker" )
del(src)
return
if (((world.address == address || !(address)) && !(host)))
host = key
world.update_status()
..() //calls mob.Login()
//Admin Authorisation
if( ckey in admins )
holder = new /obj/admins(src)
holder.rank = admins[ckey]
update_admins(admins[ckey])
admin_memo_show()
//////////////
//DISCONNECT//
//////////////
/client/Del()
spawn(0)
if(holder)
del(holder)
return ..()
Reference in New Issue View Git Blame Copy Permalink