Merge branch 'master' of https://github.com/ParadiseSS13/Paradise into turfs

# Conflicts:
#	paradise.dme
This commit is contained in:
Mark van Alphen
2019-05-31 05:48:49 +02:00
24 changed files with 525 additions and 148 deletions
+15 -1
View File
@@ -150,6 +150,8 @@ datum/admins/proc/DB_ban_record(var/bantype, var/mob/banned_mob, var/duration =
if(isjobban)
jobban_client_fullban(ckey, job)
else
flag_account_for_forum_sync(ckey)
datum/admins/proc/DB_ban_unban(var/ckey, var/bantype, var/job = "")
@@ -228,6 +230,8 @@ datum/admins/proc/DB_ban_unban(var/ckey, var/bantype, var/job = "")
DB_ban_unban_by_id(ban_id)
if(isjobban)
jobban_unban_client(ckey, job)
else
flag_account_for_forum_sync(ckey)
datum/admins/proc/DB_ban_edit(var/banid = null, var/param = null)
@@ -333,6 +337,8 @@ datum/admins/proc/DB_ban_unban_by_id(var/id)
var/DBQuery/query_update = dbcon.NewQuery(sql_update)
query_update.Execute()
flag_account_for_forum_sync(pckey)
/client/proc/DB_ban_panel()
set category = "Admin"
@@ -566,4 +572,12 @@ datum/admins/proc/DB_ban_unban_by_id(var/id)
output += "</table></div>"
usr << browse(output,"window=lookupbans;size=900x700")
usr << browse(output,"window=lookupbans;size=900x700")
/proc/flag_account_for_forum_sync(ckey)
if(!dbcon)
return
var/skey = sanitizeSQL(ckey)
var/sql = "UPDATE [format_table_name("player")] SET fupdate = 1 WHERE ckey = '[skey]'"
var/DBQuery/adm_query = dbcon.NewQuery(sql)
adm_query.Execute()
+16 -1
View File
@@ -1,5 +1,12 @@
//Blocks an attempt to connect before even creating our client datum thing.
world/IsBanned(key,address,computer_id)
world/IsBanned(key, address, computer_id, check_ipintel = TRUE)
if(!config.ban_legacy_system)
if(address)
address = sanitizeSQL(address)
if(computer_id)
computer_id = sanitizeSQL(computer_id)
if(!key || !address || !computer_id)
log_adminwarn("Failed Login (invalid data): [key] [address]-[computer_id]")
return list("reason"="invalid login data", "desc"="Error: Could not check ban status, please try again. Error message: Your computer provided invalid or blank information to the server on connection (BYOND Username, IP, and Computer ID). Provided information for reference: Username: '[key]' IP: '[address]' Computer ID: '[computer_id]'. If you continue to get this error, please restart byond or contact byond support.")
@@ -31,6 +38,14 @@ world/IsBanned(key,address,computer_id)
mistakemessage = "\nIf you believe this is a mistake, please request help at [config.banappeals]."
return list("reason"="using Tor", "desc"="\nReason: The network you are using to connect has been banned.[mistakemessage]")
//check if the IP address is a known proxy/vpn, and the user is not whitelisted
if(check_ipintel && config.ipintel_email && config.ipintel_whitelist && ipintel_is_banned(key, address))
log_adminwarn("Failed Login: [key] [computer_id] [address] - Proxy/VPN")
var/mistakemessage = ""
if(config.banappeals)
mistakemessage = "\nIf you have to use one, request whitelisting at: [config.banappeals]"
return list("reason"="using proxy or vpn", "desc"="\nReason: Proxies/VPNs are not allowed here. [mistakemessage]")
if(config.ban_legacy_system)
//Ban Checking
+9
View File
@@ -276,6 +276,15 @@ var/global/nologevent = 0
show_note(key)
/datum/admins/proc/vpn_whitelist()
set category = "Admin"
set name = "VPN Ckey Whitelist"
if(!check_rights(R_ADMIN))
return
var/key = stripped_input(usr, "Enter ckey to add/remove, or leave blank to cancel:", "VPN Whitelist add/remove", max_length=32)
if(key)
vpn_whitelist_panel(key)
/datum/admins/proc/access_news_network() //MARKER
set category = "Event"
set name = "Access Newscaster Network"
+1
View File
@@ -53,6 +53,7 @@ var/list/admin_verbs_admin = list(
/datum/admins/proc/PlayerNotes,
/client/proc/cmd_mentor_say,
/datum/admins/proc/show_player_notes,
/datum/admins/proc/vpn_whitelist,
/client/proc/free_slot, /*frees slot for chosen job*/
/client/proc/toggleattacklogs,
/client/proc/toggleadminlogs,
+228
View File
@@ -0,0 +1,228 @@
/datum/ipintel
var/ip
var/intel = 0
var/cache = FALSE
var/cacheminutesago = 0
var/cachedate = ""
var/cacherealtime = 0
/datum/ipintel/New()
cachedate = SQLtime()
cacherealtime = world.realtime
/datum/ipintel/proc/is_valid()
. = FALSE
if(intel < 0)
return
if(intel <= config.ipintel_rating_bad)
if(world.realtime < cacherealtime + (config.ipintel_save_good HOURS))
return TRUE
else
if(world.realtime < cacherealtime + (config.ipintel_save_bad HOURS))
return TRUE
/proc/get_ip_intel(ip, bypasscache = FALSE, updatecache = TRUE)
var/datum/ipintel/res = new()
ip = sanitizeSQL(ip)
res.ip = ip
. = res
if(!ip || !config.ipintel_email || !SSipintel.enabled)
return
if(!bypasscache)
var/datum/ipintel/cachedintel = SSipintel.cache[ip]
if(cachedintel && cachedintel.is_valid())
cachedintel.cache = TRUE
return cachedintel
if(dbcon.IsConnected())
var/rating_bad = config.ipintel_rating_bad
var/DBQuery/query_get_ip_intel = dbcon.NewQuery({"
SELECT date, intel, TIMESTAMPDIFF(MINUTE,date,NOW())
FROM [format_table_name("ipintel")]
WHERE
ip = INET_ATON('[ip]')
AND ((
intel < [rating_bad]
AND
date + INTERVAL [config.ipintel_save_good] HOUR > NOW()
) OR (
intel >= [rating_bad]
AND
date + INTERVAL [config.ipintel_save_bad] HOUR > NOW()
))
"})
if(!query_get_ip_intel.Execute())
qdel(query_get_ip_intel)
return
if(query_get_ip_intel.NextRow())
res.cache = TRUE
res.cachedate = query_get_ip_intel.item[1]
res.intel = text2num(query_get_ip_intel.item[2])
res.cacheminutesago = text2num(query_get_ip_intel.item[3])
res.cacherealtime = world.realtime - (text2num(query_get_ip_intel.item[3])*10*60)
SSipintel.cache[ip] = res
qdel(query_get_ip_intel)
return
qdel(query_get_ip_intel)
res.intel = ip_intel_query(ip)
if(updatecache && res.intel >= 0)
SSipintel.cache[ip] = res
if(dbcon.IsConnected())
var/DBQuery/query_add_ip_intel = dbcon.NewQuery("INSERT INTO [format_table_name("ipintel")] (ip, intel) VALUES (INET_ATON('[ip]'), [res.intel]) ON DUPLICATE KEY UPDATE intel = VALUES(intel), date = NOW()")
query_add_ip_intel.Execute()
qdel(query_add_ip_intel)
/proc/ip_intel_query(ip, var/retryed=0)
. = -1 //default
if(!ip)
return
if(SSipintel.throttle > world.timeofday)
return
if(!SSipintel.enabled)
return
var/list/http[] = world.Export("http://[config.ipintel_domain]/check.php?ip=[ip]&contact=[config.ipintel_email]&format=json&flags=b")
if(http)
var/status = text2num(http["STATUS"])
if(status == 200)
var/response = json_decode(file2text(http["CONTENT"]))
if(response)
if(response["status"] == "success")
var/intelnum = text2num(response["result"])
if(isnum(intelnum))
return text2num(response["result"])
else
ipintel_handle_error("Bad intel from server: [response["result"]].", ip, retryed)
if(!retryed)
sleep(25)
return .(ip, 1)
else
ipintel_handle_error("Bad response from server: [response["status"]].", ip, retryed)
if(!retryed)
sleep(25)
return .(ip, 1)
else if(status == 429)
ipintel_handle_error("Error #429: We have exceeded the rate limit.", ip, 1)
return
else
ipintel_handle_error("Unknown status code: [status].", ip, retryed)
if(!retryed)
sleep(25)
return .(ip, 1)
else
ipintel_handle_error("Unable to connect to API.", ip, retryed)
if(!retryed)
sleep(25)
return .(ip, 1)
/proc/ipintel_handle_error(error, ip, retryed)
if(retryed)
SSipintel.errors++
error += " Could not check [ip]. Disabling IPINTEL for [SSipintel.errors] minute[( SSipintel.errors == 1 ? "" : "s" )]"
SSipintel.throttle = world.timeofday + (2 * SSipintel.errors MINUTES)
else
error += " Attempting retry on [ip]."
log_ipintel(error)
/proc/log_ipintel(text)
log_game("IPINTEL: [text]")
log_debug("IPINTEL: [text]")
/proc/ipintel_is_banned(t_ckey, t_ip)
if(!config.ipintel_email)
return FALSE
if(!config.ipintel_whitelist)
return FALSE
if(!dbcon.IsConnected())
return FALSE
if(!ipintel_badip_check(t_ip))
return FALSE
if(vpn_whitelist_check(t_ckey))
return FALSE
return TRUE
/proc/ipintel_badip_check(target_ip)
var/rating_bad = config.ipintel_rating_bad
if(!rating_bad)
log_debug("ipintel_badip_check reports misconfigured rating_bad directive")
return FALSE
var/valid_hours = config.ipintel_save_bad
if(!valid_hours)
log_debug("ipintel_badip_check reports misconfigured ipintel_save_bad directive")
return FALSE
target_ip = sanitizeSQL(target_ip)
rating_bad = sanitizeSQL(rating_bad)
valid_hours = sanitizeSQL(valid_hours)
var/check_sql = {"SELECT * FROM [format_table_name("ipintel")] WHERE ip = INET_ATON('[target_ip]') AND intel >= [rating_bad] AND (date + INTERVAL [valid_hours] HOUR) > NOW()"}
var/DBQuery/query_get_ip_intel = dbcon.NewQuery(check_sql)
if(!query_get_ip_intel.Execute())
log_debug("ipintel_badip_check reports failed query execution")
qdel(query_get_ip_intel)
return FALSE
if(!query_get_ip_intel.NextRow())
qdel(query_get_ip_intel)
return FALSE
qdel(query_get_ip_intel)
return TRUE
/proc/vpn_whitelist_check(target_ckey)
if(!config.ipintel_whitelist)
return FALSE
var/target_sql_ckey = ckey(target_ckey)
var/DBQuery/query_whitelist_check = dbcon.NewQuery("SELECT * FROM [format_table_name("vpn_whitelist")] WHERE ckey = '[target_sql_ckey]'")
if(!query_whitelist_check.Execute())
var/err = query_whitelist_check.ErrorMsg()
log_debug("SQL ERROR on proc/vpn_whitelist_check for ckey '[target_sql_ckey]'. Error : \[[err]\]\n")
return FALSE
if(query_whitelist_check.NextRow())
return TRUE // At least one row in the whitelist names their ckey. That means they are whitelisted.
return FALSE
/proc/vpn_whitelist_add(target_ckey)
var/target_sql_ckey = ckey(target_ckey)
var/reason_string = input(usr, "Enter link to the URL of their whitelist request on the forum.","Reason required") as message|null
if(!reason_string)
return FALSE
reason_string = sanitizeSQL(reason_string)
var/DBQuery/query_whitelist_add = dbcon.NewQuery("INSERT INTO [format_table_name("vpn_whitelist")] (ckey,reason) VALUES ('[target_sql_ckey]','[reason_string]')")
if(!query_whitelist_add.Execute())
var/err = query_whitelist_add.ErrorMsg()
log_debug("SQL ERROR on proc/vpn_whitelist_add for ckey '[target_sql_ckey]'. Error : \[[err]\]\n")
return FALSE
return TRUE
/proc/vpn_whitelist_remove(target_ckey)
var/target_sql_ckey = ckey(target_ckey)
var/DBQuery/query_whitelist_remove = dbcon.NewQuery("DELETE FROM [format_table_name("vpn_whitelist")] WHERE ckey = '[target_sql_ckey]'")
if(!query_whitelist_remove.Execute())
var/err = query_whitelist_remove.ErrorMsg()
log_debug("SQL ERROR on proc/vpn_whitelist_remove for ckey '[target_sql_ckey]'. Error : \[[err]\]\n")
return FALSE
return TRUE
/proc/vpn_whitelist_panel(target_ckey as text)
if(!check_rights(R_ADMIN))
return
if(!target_ckey)
return
var/is_already_whitelisted = vpn_whitelist_check(target_ckey)
if(is_already_whitelisted)
var/confirm = alert("[target_ckey] is already whitelisted. Remove them?", "Confirm Removal", "No", "Yes")
if(!confirm || confirm != "Yes")
to_chat(usr, "VPN whitelist alteration cancelled.")
return
else if(vpn_whitelist_remove(target_ckey))
to_chat(usr, "[target_ckey] was removed from the VPN whitelist.")
else
to_chat(usr, "VPN whitelist unchanged.")
else
if(vpn_whitelist_add(target_ckey))
to_chat(usr, "[target_ckey] was added to the VPN whitelist.")
else
to_chat(usr, "VPN whitelist unchanged.")