mirror of
https://github.com/ParadiseSS13/Paradise.git
synced 2026-07-13 08:03:43 +01:00
Merge branch 'master' of https://github.com/ParadiseSS13/Paradise into turfs
# Conflicts: # paradise.dme
This commit is contained in:
@@ -150,6 +150,8 @@ datum/admins/proc/DB_ban_record(var/bantype, var/mob/banned_mob, var/duration =
|
||||
|
||||
if(isjobban)
|
||||
jobban_client_fullban(ckey, job)
|
||||
else
|
||||
flag_account_for_forum_sync(ckey)
|
||||
|
||||
datum/admins/proc/DB_ban_unban(var/ckey, var/bantype, var/job = "")
|
||||
|
||||
@@ -228,6 +230,8 @@ datum/admins/proc/DB_ban_unban(var/ckey, var/bantype, var/job = "")
|
||||
DB_ban_unban_by_id(ban_id)
|
||||
if(isjobban)
|
||||
jobban_unban_client(ckey, job)
|
||||
else
|
||||
flag_account_for_forum_sync(ckey)
|
||||
|
||||
datum/admins/proc/DB_ban_edit(var/banid = null, var/param = null)
|
||||
|
||||
@@ -333,6 +337,8 @@ datum/admins/proc/DB_ban_unban_by_id(var/id)
|
||||
var/DBQuery/query_update = dbcon.NewQuery(sql_update)
|
||||
query_update.Execute()
|
||||
|
||||
flag_account_for_forum_sync(pckey)
|
||||
|
||||
|
||||
/client/proc/DB_ban_panel()
|
||||
set category = "Admin"
|
||||
@@ -566,4 +572,12 @@ datum/admins/proc/DB_ban_unban_by_id(var/id)
|
||||
|
||||
output += "</table></div>"
|
||||
|
||||
usr << browse(output,"window=lookupbans;size=900x700")
|
||||
usr << browse(output,"window=lookupbans;size=900x700")
|
||||
|
||||
/proc/flag_account_for_forum_sync(ckey)
|
||||
if(!dbcon)
|
||||
return
|
||||
var/skey = sanitizeSQL(ckey)
|
||||
var/sql = "UPDATE [format_table_name("player")] SET fupdate = 1 WHERE ckey = '[skey]'"
|
||||
var/DBQuery/adm_query = dbcon.NewQuery(sql)
|
||||
adm_query.Execute()
|
||||
|
||||
@@ -1,5 +1,12 @@
|
||||
//Blocks an attempt to connect before even creating our client datum thing.
|
||||
world/IsBanned(key,address,computer_id)
|
||||
world/IsBanned(key, address, computer_id, check_ipintel = TRUE)
|
||||
|
||||
if(!config.ban_legacy_system)
|
||||
if(address)
|
||||
address = sanitizeSQL(address)
|
||||
if(computer_id)
|
||||
computer_id = sanitizeSQL(computer_id)
|
||||
|
||||
if(!key || !address || !computer_id)
|
||||
log_adminwarn("Failed Login (invalid data): [key] [address]-[computer_id]")
|
||||
return list("reason"="invalid login data", "desc"="Error: Could not check ban status, please try again. Error message: Your computer provided invalid or blank information to the server on connection (BYOND Username, IP, and Computer ID). Provided information for reference: Username: '[key]' IP: '[address]' Computer ID: '[computer_id]'. If you continue to get this error, please restart byond or contact byond support.")
|
||||
@@ -31,6 +38,14 @@ world/IsBanned(key,address,computer_id)
|
||||
mistakemessage = "\nIf you believe this is a mistake, please request help at [config.banappeals]."
|
||||
return list("reason"="using Tor", "desc"="\nReason: The network you are using to connect has been banned.[mistakemessage]")
|
||||
|
||||
//check if the IP address is a known proxy/vpn, and the user is not whitelisted
|
||||
if(check_ipintel && config.ipintel_email && config.ipintel_whitelist && ipintel_is_banned(key, address))
|
||||
log_adminwarn("Failed Login: [key] [computer_id] [address] - Proxy/VPN")
|
||||
var/mistakemessage = ""
|
||||
if(config.banappeals)
|
||||
mistakemessage = "\nIf you have to use one, request whitelisting at: [config.banappeals]"
|
||||
return list("reason"="using proxy or vpn", "desc"="\nReason: Proxies/VPNs are not allowed here. [mistakemessage]")
|
||||
|
||||
|
||||
if(config.ban_legacy_system)
|
||||
//Ban Checking
|
||||
|
||||
@@ -276,6 +276,15 @@ var/global/nologevent = 0
|
||||
|
||||
show_note(key)
|
||||
|
||||
/datum/admins/proc/vpn_whitelist()
|
||||
set category = "Admin"
|
||||
set name = "VPN Ckey Whitelist"
|
||||
if(!check_rights(R_ADMIN))
|
||||
return
|
||||
var/key = stripped_input(usr, "Enter ckey to add/remove, or leave blank to cancel:", "VPN Whitelist add/remove", max_length=32)
|
||||
if(key)
|
||||
vpn_whitelist_panel(key)
|
||||
|
||||
/datum/admins/proc/access_news_network() //MARKER
|
||||
set category = "Event"
|
||||
set name = "Access Newscaster Network"
|
||||
|
||||
@@ -53,6 +53,7 @@ var/list/admin_verbs_admin = list(
|
||||
/datum/admins/proc/PlayerNotes,
|
||||
/client/proc/cmd_mentor_say,
|
||||
/datum/admins/proc/show_player_notes,
|
||||
/datum/admins/proc/vpn_whitelist,
|
||||
/client/proc/free_slot, /*frees slot for chosen job*/
|
||||
/client/proc/toggleattacklogs,
|
||||
/client/proc/toggleadminlogs,
|
||||
|
||||
@@ -0,0 +1,228 @@
|
||||
/datum/ipintel
|
||||
var/ip
|
||||
var/intel = 0
|
||||
var/cache = FALSE
|
||||
var/cacheminutesago = 0
|
||||
var/cachedate = ""
|
||||
var/cacherealtime = 0
|
||||
|
||||
/datum/ipintel/New()
|
||||
cachedate = SQLtime()
|
||||
cacherealtime = world.realtime
|
||||
|
||||
/datum/ipintel/proc/is_valid()
|
||||
. = FALSE
|
||||
if(intel < 0)
|
||||
return
|
||||
if(intel <= config.ipintel_rating_bad)
|
||||
if(world.realtime < cacherealtime + (config.ipintel_save_good HOURS))
|
||||
return TRUE
|
||||
else
|
||||
if(world.realtime < cacherealtime + (config.ipintel_save_bad HOURS))
|
||||
return TRUE
|
||||
|
||||
/proc/get_ip_intel(ip, bypasscache = FALSE, updatecache = TRUE)
|
||||
var/datum/ipintel/res = new()
|
||||
ip = sanitizeSQL(ip)
|
||||
res.ip = ip
|
||||
. = res
|
||||
if(!ip || !config.ipintel_email || !SSipintel.enabled)
|
||||
return
|
||||
if(!bypasscache)
|
||||
var/datum/ipintel/cachedintel = SSipintel.cache[ip]
|
||||
if(cachedintel && cachedintel.is_valid())
|
||||
cachedintel.cache = TRUE
|
||||
return cachedintel
|
||||
|
||||
if(dbcon.IsConnected())
|
||||
var/rating_bad = config.ipintel_rating_bad
|
||||
var/DBQuery/query_get_ip_intel = dbcon.NewQuery({"
|
||||
SELECT date, intel, TIMESTAMPDIFF(MINUTE,date,NOW())
|
||||
FROM [format_table_name("ipintel")]
|
||||
WHERE
|
||||
ip = INET_ATON('[ip]')
|
||||
AND ((
|
||||
intel < [rating_bad]
|
||||
AND
|
||||
date + INTERVAL [config.ipintel_save_good] HOUR > NOW()
|
||||
) OR (
|
||||
intel >= [rating_bad]
|
||||
AND
|
||||
date + INTERVAL [config.ipintel_save_bad] HOUR > NOW()
|
||||
))
|
||||
"})
|
||||
if(!query_get_ip_intel.Execute())
|
||||
qdel(query_get_ip_intel)
|
||||
return
|
||||
if(query_get_ip_intel.NextRow())
|
||||
res.cache = TRUE
|
||||
res.cachedate = query_get_ip_intel.item[1]
|
||||
res.intel = text2num(query_get_ip_intel.item[2])
|
||||
res.cacheminutesago = text2num(query_get_ip_intel.item[3])
|
||||
res.cacherealtime = world.realtime - (text2num(query_get_ip_intel.item[3])*10*60)
|
||||
SSipintel.cache[ip] = res
|
||||
qdel(query_get_ip_intel)
|
||||
return
|
||||
qdel(query_get_ip_intel)
|
||||
res.intel = ip_intel_query(ip)
|
||||
if(updatecache && res.intel >= 0)
|
||||
SSipintel.cache[ip] = res
|
||||
if(dbcon.IsConnected())
|
||||
var/DBQuery/query_add_ip_intel = dbcon.NewQuery("INSERT INTO [format_table_name("ipintel")] (ip, intel) VALUES (INET_ATON('[ip]'), [res.intel]) ON DUPLICATE KEY UPDATE intel = VALUES(intel), date = NOW()")
|
||||
query_add_ip_intel.Execute()
|
||||
qdel(query_add_ip_intel)
|
||||
|
||||
|
||||
/proc/ip_intel_query(ip, var/retryed=0)
|
||||
. = -1 //default
|
||||
if(!ip)
|
||||
return
|
||||
if(SSipintel.throttle > world.timeofday)
|
||||
return
|
||||
if(!SSipintel.enabled)
|
||||
return
|
||||
|
||||
var/list/http[] = world.Export("http://[config.ipintel_domain]/check.php?ip=[ip]&contact=[config.ipintel_email]&format=json&flags=b")
|
||||
|
||||
if(http)
|
||||
var/status = text2num(http["STATUS"])
|
||||
|
||||
if(status == 200)
|
||||
var/response = json_decode(file2text(http["CONTENT"]))
|
||||
if(response)
|
||||
if(response["status"] == "success")
|
||||
var/intelnum = text2num(response["result"])
|
||||
if(isnum(intelnum))
|
||||
return text2num(response["result"])
|
||||
else
|
||||
ipintel_handle_error("Bad intel from server: [response["result"]].", ip, retryed)
|
||||
if(!retryed)
|
||||
sleep(25)
|
||||
return .(ip, 1)
|
||||
else
|
||||
ipintel_handle_error("Bad response from server: [response["status"]].", ip, retryed)
|
||||
if(!retryed)
|
||||
sleep(25)
|
||||
return .(ip, 1)
|
||||
|
||||
else if(status == 429)
|
||||
ipintel_handle_error("Error #429: We have exceeded the rate limit.", ip, 1)
|
||||
return
|
||||
else
|
||||
ipintel_handle_error("Unknown status code: [status].", ip, retryed)
|
||||
if(!retryed)
|
||||
sleep(25)
|
||||
return .(ip, 1)
|
||||
else
|
||||
ipintel_handle_error("Unable to connect to API.", ip, retryed)
|
||||
if(!retryed)
|
||||
sleep(25)
|
||||
return .(ip, 1)
|
||||
|
||||
|
||||
/proc/ipintel_handle_error(error, ip, retryed)
|
||||
if(retryed)
|
||||
SSipintel.errors++
|
||||
error += " Could not check [ip]. Disabling IPINTEL for [SSipintel.errors] minute[( SSipintel.errors == 1 ? "" : "s" )]"
|
||||
SSipintel.throttle = world.timeofday + (2 * SSipintel.errors MINUTES)
|
||||
else
|
||||
error += " Attempting retry on [ip]."
|
||||
log_ipintel(error)
|
||||
|
||||
/proc/log_ipintel(text)
|
||||
log_game("IPINTEL: [text]")
|
||||
log_debug("IPINTEL: [text]")
|
||||
|
||||
|
||||
/proc/ipintel_is_banned(t_ckey, t_ip)
|
||||
if(!config.ipintel_email)
|
||||
return FALSE
|
||||
if(!config.ipintel_whitelist)
|
||||
return FALSE
|
||||
if(!dbcon.IsConnected())
|
||||
return FALSE
|
||||
if(!ipintel_badip_check(t_ip))
|
||||
return FALSE
|
||||
if(vpn_whitelist_check(t_ckey))
|
||||
return FALSE
|
||||
return TRUE
|
||||
|
||||
/proc/ipintel_badip_check(target_ip)
|
||||
var/rating_bad = config.ipintel_rating_bad
|
||||
if(!rating_bad)
|
||||
log_debug("ipintel_badip_check reports misconfigured rating_bad directive")
|
||||
return FALSE
|
||||
var/valid_hours = config.ipintel_save_bad
|
||||
if(!valid_hours)
|
||||
log_debug("ipintel_badip_check reports misconfigured ipintel_save_bad directive")
|
||||
return FALSE
|
||||
target_ip = sanitizeSQL(target_ip)
|
||||
rating_bad = sanitizeSQL(rating_bad)
|
||||
valid_hours = sanitizeSQL(valid_hours)
|
||||
var/check_sql = {"SELECT * FROM [format_table_name("ipintel")] WHERE ip = INET_ATON('[target_ip]') AND intel >= [rating_bad] AND (date + INTERVAL [valid_hours] HOUR) > NOW()"}
|
||||
var/DBQuery/query_get_ip_intel = dbcon.NewQuery(check_sql)
|
||||
if(!query_get_ip_intel.Execute())
|
||||
log_debug("ipintel_badip_check reports failed query execution")
|
||||
qdel(query_get_ip_intel)
|
||||
return FALSE
|
||||
if(!query_get_ip_intel.NextRow())
|
||||
qdel(query_get_ip_intel)
|
||||
return FALSE
|
||||
qdel(query_get_ip_intel)
|
||||
return TRUE
|
||||
|
||||
/proc/vpn_whitelist_check(target_ckey)
|
||||
if(!config.ipintel_whitelist)
|
||||
return FALSE
|
||||
var/target_sql_ckey = ckey(target_ckey)
|
||||
var/DBQuery/query_whitelist_check = dbcon.NewQuery("SELECT * FROM [format_table_name("vpn_whitelist")] WHERE ckey = '[target_sql_ckey]'")
|
||||
if(!query_whitelist_check.Execute())
|
||||
var/err = query_whitelist_check.ErrorMsg()
|
||||
log_debug("SQL ERROR on proc/vpn_whitelist_check for ckey '[target_sql_ckey]'. Error : \[[err]\]\n")
|
||||
return FALSE
|
||||
if(query_whitelist_check.NextRow())
|
||||
return TRUE // At least one row in the whitelist names their ckey. That means they are whitelisted.
|
||||
return FALSE
|
||||
|
||||
/proc/vpn_whitelist_add(target_ckey)
|
||||
var/target_sql_ckey = ckey(target_ckey)
|
||||
var/reason_string = input(usr, "Enter link to the URL of their whitelist request on the forum.","Reason required") as message|null
|
||||
if(!reason_string)
|
||||
return FALSE
|
||||
reason_string = sanitizeSQL(reason_string)
|
||||
var/DBQuery/query_whitelist_add = dbcon.NewQuery("INSERT INTO [format_table_name("vpn_whitelist")] (ckey,reason) VALUES ('[target_sql_ckey]','[reason_string]')")
|
||||
if(!query_whitelist_add.Execute())
|
||||
var/err = query_whitelist_add.ErrorMsg()
|
||||
log_debug("SQL ERROR on proc/vpn_whitelist_add for ckey '[target_sql_ckey]'. Error : \[[err]\]\n")
|
||||
return FALSE
|
||||
return TRUE
|
||||
|
||||
/proc/vpn_whitelist_remove(target_ckey)
|
||||
var/target_sql_ckey = ckey(target_ckey)
|
||||
var/DBQuery/query_whitelist_remove = dbcon.NewQuery("DELETE FROM [format_table_name("vpn_whitelist")] WHERE ckey = '[target_sql_ckey]'")
|
||||
if(!query_whitelist_remove.Execute())
|
||||
var/err = query_whitelist_remove.ErrorMsg()
|
||||
log_debug("SQL ERROR on proc/vpn_whitelist_remove for ckey '[target_sql_ckey]'. Error : \[[err]\]\n")
|
||||
return FALSE
|
||||
return TRUE
|
||||
|
||||
/proc/vpn_whitelist_panel(target_ckey as text)
|
||||
if(!check_rights(R_ADMIN))
|
||||
return
|
||||
if(!target_ckey)
|
||||
return
|
||||
var/is_already_whitelisted = vpn_whitelist_check(target_ckey)
|
||||
if(is_already_whitelisted)
|
||||
var/confirm = alert("[target_ckey] is already whitelisted. Remove them?", "Confirm Removal", "No", "Yes")
|
||||
if(!confirm || confirm != "Yes")
|
||||
to_chat(usr, "VPN whitelist alteration cancelled.")
|
||||
return
|
||||
else if(vpn_whitelist_remove(target_ckey))
|
||||
to_chat(usr, "[target_ckey] was removed from the VPN whitelist.")
|
||||
else
|
||||
to_chat(usr, "VPN whitelist unchanged.")
|
||||
else
|
||||
if(vpn_whitelist_add(target_ckey))
|
||||
to_chat(usr, "[target_ckey] was added to the VPN whitelist.")
|
||||
else
|
||||
to_chat(usr, "VPN whitelist unchanged.")
|
||||
Reference in New Issue
Block a user