From 1b1481788997a4ca12749e577add081adece6dfc Mon Sep 17 00:00:00 2001 From: Markolie Date: Sun, 27 Sep 2015 09:02:58 +0200 Subject: [PATCH 1/6] Add in-game stickyban interface --- code/modules/admin/IsBanned.dm | 66 ++++++--- code/modules/admin/admin_memo.dm | 4 +- code/modules/admin/admin_verbs.dm | 3 +- code/modules/admin/stickyban.dm | 207 ++++++++++++++++++++++++++++ code/modules/admin/topic.dm | 3 + code/modules/client/client procs.dm | 11 +- code/modules/client/message.dm | 9 ++ paradise.dme | 2 + 8 files changed, 282 insertions(+), 23 deletions(-) create mode 100644 code/modules/admin/stickyban.dm create mode 100644 code/modules/client/message.dm diff --git a/code/modules/admin/IsBanned.dm b/code/modules/admin/IsBanned.dm index e6d258b3386..0191d1c67bd 100644 --- a/code/modules/admin/IsBanned.dm +++ b/code/modules/admin/IsBanned.dm @@ -2,9 +2,11 @@ world/IsBanned(key,address,computer_id) if (!key || !address || !computer_id) log_access("Failed Login (invalid data): [key] [address]-[computer_id]") - return list("reason"="invalid login data", "desc"="Your computer provided invalid or blank information to the server on connection (byond username, IP, and Computer ID.) Provided information for reference: Username:'[key]' IP:'[address]' Computer ID:'[computer_id]' If you continue to get this error, please restart byond or contact byond support.") - if(ckey(key) in admin_datums) - return ..() + return list("reason"="invalid login data", "desc"="Error: Could not check ban status, Please try again. Error message: Your computer provided invalid or blank information to the server on connection (byond username, IP, and Computer ID.) Provided information for reference: Username:'[key]' IP:'[address]' Computer ID:'[computer_id]'. (If you continue to get this error, please restart byond or contact byond support.)") + var/admin = 0 + var/ckey = ckey(key) + if((ckey in admin_datums) || (ckey in deadmins)) + admin = 1 //Guest Checking if(!guests_allowed && IsGuestKey(key)) @@ -26,11 +28,13 @@ world/IsBanned(key,address,computer_id) //Ban Checking . = CheckBan( ckey(key), computer_id, address ) if(.) - log_access("Failed Login: [key] [computer_id] [address] - Banned [.["reason"]]") - message_admins("\blue Failed Login: [key] id:[computer_id] ip:[address] - Banned [.["reason"]]") - return . - - return ..() //default pager ban stuff + if (admin) + log_admin("The admin [key] has been allowed to bypass a matching ban on [.["key"]]") + message_admins("The admin [key] has been allowed to bypass a matching ban on [.["key"]]") + addclientmessage(ckey,"You have been allowed to bypass a matching ban on [.["key"]]") + else + log_access("Failed Login: [key] [computer_id] [address] - Banned [.["reason"]]") + return . else @@ -49,7 +53,7 @@ world/IsBanned(key,address,computer_id) if(computer_id) cidquery = " OR computerid = '[computer_id]' " - var/DBQuery/query = dbcon.NewQuery("SELECT ckey, ip, computerid, a_ckey, reason, expiration_time, duration, bantime, bantype FROM [format_table_name("ban")] WHERE (ckey = '[ckeytext]' [ipquery] [cidquery]) AND (bantype = 'PERMABAN' OR (bantype = 'TEMPBAN' AND expiration_time > Now())) AND isnull(unbanned)") + var/DBQuery/query = dbcon.NewQuery("SELECT ckey, ip, computerid, a_ckey, reason, expiration_time, duration, bantime, bantype FROM [format_table_name("ban")] WHERE (ckey = '[ckeytext]' [ipquery] [cidquery]) AND (bantype = 'PERMABAN' OR bantype = 'ADMIN_PERMABAN' OR ((bantype = 'TEMPBAN' OR bantype = 'ADMIN_TEMPBAN') AND expiration_time > Now())) AND isnull(unbanned)") query.Execute() @@ -63,18 +67,46 @@ world/IsBanned(key,address,computer_id) var/duration = query.item[7] var/bantime = query.item[8] var/bantype = query.item[9] - + if (bantype == "ADMIN_PERMABAN" || bantype == "ADMIN_TEMPBAN") + //admin bans MUST match on ckey to prevent cid-spoofing attacks + // as well as dynamic ip abuse + if (pckey != ckey) + continue + if (admin) + if (bantype == "ADMIN_PERMABAN" || bantype == "ADMIN_TEMPBAN") + log_admin("The admin [key] is admin banned, and has been disallowed access") + message_admins("The admin [key] is admin banned, and has been disallowed access") + else + log_admin("The admin [key] has been allowed to bypass a matching ban on [pckey]") + message_admins("The admin [key] has been allowed to bypass a matching ban on [pckey]") + addclientmessage(ckey,"You have been allowed to bypass a matching ban on [pckey]") + continue var/expires = "" if(text2num(duration) > 0) expires = "The ban is for [duration] minutes and expires on [expiration] (server time)." - if(istext(bantype) && (bantype == "PERMABAN")) - var/appealmsg = "" - if(config && config.banappeals) - appealmsg = " You may appeal it at [config.banappeals]." - expires = "The ban is permanent.[appealmsg]" + else + expires = " The is a permanent ban." var/desc = "\nReason: You, or another user of this computer or connection ([pckey]) is banned from playing here. The ban reason is:\n[reason]\nThis ban was applied by [ackey] on [bantime]. [expires]" - return list("reason"="[bantype]", "desc"="[desc]") + . = list("reason"="[bantype]", "desc"="[desc]") - return ..() //default pager ban stuff + + log_access("Failed Login: [key] [computer_id] [address] - Banned [.["reason"]]") + return . + + + . = ..() //default pager ban stuff + if (.) + //byond will not trigger isbanned() for "global" host bans, + //ie, ones where the "apply to this game only" checkbox is not checked (defaults to not checked) + //So it's safe to let admins walk thru host/sticky bans here + if (admin) + log_admin("The admin [key] has been allowed to bypass a matching host/sticky ban") + message_admins("The admin [key] has been allowed to bypass a matching host/sticky ban") + addclientmessage(ckey,"You have been allowed to bypass a matching host/sticky ban") + return null + else + log_access("Failed Login: [key] [computer_id] [address] - Banned [.["message"]]") + + return . diff --git a/code/modules/admin/admin_memo.dm b/code/modules/admin/admin_memo.dm index 03fc3767b8e..355a82aa697 100644 --- a/code/modules/admin/admin_memo.dm +++ b/code/modules/admin/admin_memo.dm @@ -11,7 +11,7 @@ return admin_memo_output(memotask) -/client/proc/admin_memo_output(task, checkrights = 1) +/client/proc/admin_memo_output(task, checkrights = 1, silent = 0) if(checkrights && !check_rights(R_SERVER)) return if(!task) @@ -99,7 +99,7 @@ if(last_editor) output += "
Last edit by [last_editor] (Click here to see edit log)" output += "
[memotext]

" - if(!output) + if(!output && !silent) src << "No memos found in database." return src << output diff --git a/code/modules/admin/admin_verbs.dm b/code/modules/admin/admin_verbs.dm index 5184f4e7dd2..ba036010873 100644 --- a/code/modules/admin/admin_verbs.dm +++ b/code/modules/admin/admin_verbs.dm @@ -74,7 +74,8 @@ var/list/admin_verbs_admin = list( ) var/list/admin_verbs_ban = list( /client/proc/unban_panel, - /client/proc/jobbans + /client/proc/jobbans, + /client/proc/stickybanpanel ) var/list/admin_verbs_sounds = list( /client/proc/play_local_sound, diff --git a/code/modules/admin/stickyban.dm b/code/modules/admin/stickyban.dm new file mode 100644 index 00000000000..ce8a756b7af --- /dev/null +++ b/code/modules/admin/stickyban.dm @@ -0,0 +1,207 @@ +/datum/admins/proc/stickyban(action,data) + if(!check_rights(R_BAN)) + return + + switch (action) + if ("show") + stickyban_show() + if ("add") + var/list/ban = list() + var/ckey + ban["admin"] = usr.key + ban["type"] = list("sticky") + ban["reason"] = "(InGameBan)([usr.key])" //this will be displayed in dd only + + if (data["ckey"]) + ckey = ckey(data["ckey"]) + else + ckey = input(usr,"Ckey","Ckey","") as text|null + if (!ckey) + return + ckey = ckey(ckey) + if (get_stickyban_from_ckey(ckey)) + usr << "Error: Can not add a stickyban: User already has a current sticky ban" + + if (data["reason"]) + ban["message"] = data["reason"] + else + var/reason = input(usr,"Reason","Reason","Ban Evasion") as text|null + if (!reason) + return + ban["message"] = "[reason]" + + world.SetConfig("ban",ckey,list2stickyban(ban)) + + log_admin("[key_name(usr)] has stickybanned [ckey].\nReason: [ban["message"]]") + message_admins("[key_name_admin(usr)] has stickybanned [ckey].\nReason: [ban["message"]]") + + if ("remove") + if (!data["ckey"]) + return + var/ckey = data["ckey"] + + var/ban = get_stickyban_from_ckey(ckey) + if (!ban) + usr << "Error: No sticky ban for [ckey] found!" + return + if (alert("Are you sure you want to remove the sticky ban on [ckey]?","Are you sure","Yes","No") == "No") + return + if (!get_stickyban_from_ckey(ckey)) + usr << "Error: The ban disappeared." + return + world.SetConfig("ban",ckey, null) + + log_admin("[key_name(usr)] removed [ckey]'s stickyban") + message_admins("[key_name_admin(usr)] removed [ckey]'s stickyban") + + if ("remove_alt") + if (!data["ckey"]) + return + var/ckey = data["ckey"] + if (!data["alt"]) + return + var/alt = ckey(data["alt"]) + var/ban = get_stickyban_from_ckey(ckey) + if (!ban) + usr << "Error: No sticky ban for [ckey] found!" + return + + var/found = 0 + //we have to do it this way because byond keeps the case in its sticky ban matches WHY!!! + for (var/key in ban["keys"]) + if (ckey(key) == alt) + found = 1 + break + + if (!found) + usr << "Error: [alt] is not linked to [ckey]'s sticky ban!" + return + + if (alert("Are you sure you want to disassociate [alt] from [ckey]'s sticky ban? \nNote: Nothing stops byond from re-linking them","Are you sure","Yes","No") == "No") + return + + //we have to do this again incase something changes + ban = get_stickyban_from_ckey(ckey) + if (!ban) + usr << "Error: The ban disappeared." + return + + found = 0 + for (var/key in ban["keys"]) + if (ckey(key) == alt) + ban["keys"] -= key + found = 1 + break + + if (!found) + usr << "Error: [alt] link to [ckey]'s sticky ban disappeared." + return + + world.SetConfig("ban",ckey,list2stickyban(ban)) + + log_admin("[key_name(usr)] has disassociated [alt] from [ckey]'s sticky ban") + message_admins("[key_name_admin(usr)] has disassociated [alt] from [ckey]'s sticky ban") + + if ("edit") + if (!data["ckey"]) + return + var/ckey = data["ckey"] + var/ban = get_stickyban_from_ckey(ckey) + if (!ban) + usr << "Error: No sticky ban for [ckey] found!" + return + var/oldreason = ban["message"] + var/reason = input(usr,"Reason","Reason","[ban["message"]]") as text|null + if (!reason || reason == oldreason) + return + //we have to do this again incase something changed while we waited for input + ban = get_stickyban_from_ckey(ckey) + if (!ban) + usr << "Error: The ban disappeared." + return + ban["message"] = "[reason]" + + world.SetConfig("ban",ckey,list2stickyban(ban)) + + log_admin("[key_name(usr)] has edited [ckey]'s sticky ban reason from [oldreason] to [reason]") + message_admins("[key_name_admin(usr)] has edited [ckey]'s sticky ban reason from [oldreason] to [reason]") + +/datum/admins/proc/stickyban_gethtml(ckey, ban) + . = "\[-\][ckey]
" + . += "[ban["message"]] \[Edit\]
" + if (ban["admin"]) + . += "[ban["admin"]]
" + else + . += "LEGACY
" + . += "Caught keys
\n
    " + for (var/key in ban["keys"]) + if (ckey(key) == ckey) + continue + . += "
  1. \[-\][key]
  2. " + . += "
\n" + +/datum/admins/proc/stickyban_show() + if(!check_rights(R_BAN)) + return + + var/list/bans = world.GetConfig("ban") + var/banhtml = "" + for(var/key in bans) + var/ckey = ckey(key) + var/ban = stickyban2list(world.GetConfig("ban",key)) + banhtml += "

\n" + banhtml += stickyban_gethtml(ckey,ban) + + var/html = {" + + Sticky Bans + + +

All Sticky Bans:

\[+\]
+ [banhtml] + + "} + usr << browse(html,"window=stickybans;size=700x400") + +/proc/get_stickyban_from_ckey(var/ckey) + if (!ckey) + return null + ckey = ckey(ckey) + . = null + for (var/key in world.GetConfig("ban")) + if (ckey(key) == ckey) + . = stickyban2list(world.GetConfig("ban",key)) + break + +/proc/stickyban2list(var/ban) + if (!ban) + return null + . = params2list(ban) + .["keys"] = text2list(.["keys"], ",") + .["type"] = text2list(.["type"], ",") + .["IP"] = text2list(.["IP"], ",") + .["computer_id"] = text2list(.["computer_id"], ",") + +/proc/list2stickyban(var/list/ban) + if (!ban || !islist(ban)) + return null + . = ban.Copy() + if (.["keys"]) + .["keys"] = list2text(.["keys"], ",") + if (.["type"]) + .["type"] = list2text(.["type"], ",") + if (.["IP"]) + .["IP"] = list2text(.["IP"], ",") + if (.["computer_id"]) + .["computer_id"] = list2text(.["computer_id"], ",") + . = list2params(.) + +/client/proc/stickybanpanel() + set name = "Sticky Ban Panel" + set category = "Admin" + + if(!check_rights(R_BAN)) + return + + holder.stickyban_show() + \ No newline at end of file diff --git a/code/modules/admin/topic.dm b/code/modules/admin/topic.dm index cff4e611d65..cc34e5a3437 100644 --- a/code/modules/admin/topic.dm +++ b/code/modules/admin/topic.dm @@ -25,6 +25,9 @@ message_admins("[key_name_admin(usr)] rejected [key_name_admin(C.mob)]'s admin help") log_admin("[key_name(usr)] rejected [key_name(C.mob)]'s admin help") + + if(href_list["stickyban"]) + stickyban(href_list["stickyban"],href_list) if(href_list["makeAntag"]) switch(href_list["makeAntag"]) diff --git a/code/modules/client/client procs.dm b/code/modules/client/client procs.dm index 5212d6e84e8..48148244e20 100644 --- a/code/modules/client/client procs.dm +++ b/code/modules/client/client procs.dm @@ -282,15 +282,20 @@ winset(src, null, "command=\".configure graphics-hwmode on\"") log_client_to_db() + + if (ckey in clientmessages) + for (var/message in clientmessages[ckey]) + src << message + clientmessages.Remove(ckey) if (config && config.autoconvert_notes) convert_notes_sql(ckey) send_resources() - ////////////// - //DISCONNECT// - ////////////// +////////////// +//DISCONNECT// +////////////// /client/Del() if(holder) holder.owner = null diff --git a/code/modules/client/message.dm b/code/modules/client/message.dm new file mode 100644 index 00000000000..6406a7d051a --- /dev/null +++ b/code/modules/client/message.dm @@ -0,0 +1,9 @@ +var/list/clientmessages = list() + +proc/addclientmessage(var/ckey, var/message) + ckey = ckey(ckey) + if (!ckey || !message) + return + if (!(ckey in clientmessages)) + clientmessages[ckey] = list() + clientmessages[ckey] += message diff --git a/paradise.dme b/paradise.dme index 76969b151fa..0c103fbc6e7 100644 --- a/paradise.dme +++ b/paradise.dme @@ -907,6 +907,7 @@ #include "code\modules\admin\player_panel.dm" #include "code\modules\admin\secrets.dm" #include "code\modules\admin\sql_notes.dm" +#include "code\modules\admin\stickyban.dm" #include "code\modules\admin\topic.dm" #include "code\modules\admin\ToRban.dm" #include "code\modules\admin\watchlist.dm" @@ -998,6 +999,7 @@ #include "code\modules\client\client defines.dm" #include "code\modules\client\client procs.dm" #include "code\modules\client\global_cache.dm" +#include "code\modules\client\message.dm" #include "code\modules\client\preferences.dm" #include "code\modules\client\preferences_mysql.dm" #include "code\modules\client\preferences_spawnpoints.dm" From 84f1c2ab8f78f0b365559d0efafac115a3626568 Mon Sep 17 00:00:00 2001 From: Markolie Date: Sun, 27 Sep 2015 09:08:10 +0200 Subject: [PATCH 2/6] Re-add ban appeal message, memo check --- code/modules/admin/IsBanned.dm | 5 ++++- code/modules/client/client procs.dm | 2 +- config/example/config.txt | 6 +++--- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/code/modules/admin/IsBanned.dm b/code/modules/admin/IsBanned.dm index 0191d1c67bd..158f7ed1916 100644 --- a/code/modules/admin/IsBanned.dm +++ b/code/modules/admin/IsBanned.dm @@ -85,7 +85,10 @@ world/IsBanned(key,address,computer_id) if(text2num(duration) > 0) expires = "The ban is for [duration] minutes and expires on [expiration] (server time)." else - expires = " The is a permanent ban." + var/appealmessage = "" + if(config && config.banappeals) + appealmessage = " You may appeal it at [config.banappeals]." + expires = " The is a permanent ban.[appealmessage]" var/desc = "\nReason: You, or another user of this computer or connection ([pckey]) is banned from playing here. The ban reason is:\n[reason]\nThis ban was applied by [ackey] on [bantime]. [expires]" diff --git a/code/modules/client/client procs.dm b/code/modules/client/client procs.dm index 48148244e20..cc3b54b6bde 100644 --- a/code/modules/client/client procs.dm +++ b/code/modules/client/client procs.dm @@ -272,7 +272,7 @@ if(holder) add_admin_verbs() - admin_memo_output("Show", 0) + admin_memo_output("Show", 0, 1) // Forcibly enable hardware-accelerated graphics, as we need them for the lighting overlays. // (but turn them off first, since sometimes BYOND doesn't turn them on properly otherwise) diff --git a/config/example/config.txt b/config/example/config.txt index a3260d4a04d..f370103cbbb 100644 --- a/config/example/config.txt +++ b/config/example/config.txt @@ -165,7 +165,7 @@ GUEST_BAN ## Wiki address # WIKIURL http://example.org -## Ban appeals URL - usually for a forum or wherever people should go to contact your admins. +## Ban appeals URL - usually for a forum or wherever people should go to contact your admins. Will show up on permanent bans. # BANAPPEALS http://example.org ## Media base URL - determines where to pull the jukebox playlist from. @@ -175,10 +175,10 @@ GUEST_BAN ## spawns a spellbook which gives object-type spells instead of verb-type spells for the wizard # FEATURE_OBJECT_SPELL_SYSTEM -##Toggle for having jobs load up from the .txt +## Toggle for having jobs load up from the .txt LOAD_JOBS_FROM_TXT -##Remove the # mark infront of this to forbid admins from posssessing the singularity. +## Remove the # mark infront of this to forbid admins from posssessing the singularity. #FORBID_SINGULO_POSSESSION ## Remove the # to show a popup 'reply to' window to every non-admin that recieves an adminPM. From 44763a869ab1e4fc7c6ef56c58053b212a439dcc Mon Sep 17 00:00:00 2001 From: Markolie Date: Sun, 27 Sep 2015 23:58:10 +0200 Subject: [PATCH 3/6] Stickyban clean-up, add admin bans --- code/__DEFINES/admin.dm | 2 + code/modules/admin/DB ban/functions.dm | 61 +++++++++++++++++++++ code/modules/admin/IsBanned.dm | 31 +++++------ code/modules/admin/stickyban.dm | 7 ++- code/modules/admin/topic.dm | 11 ++++ code/modules/admin/verbs/modifyvariables.dm | 6 +- 6 files changed, 99 insertions(+), 19 deletions(-) diff --git a/code/__DEFINES/admin.dm b/code/__DEFINES/admin.dm index 5d63e777087..49ef7a72855 100644 --- a/code/__DEFINES/admin.dm +++ b/code/__DEFINES/admin.dm @@ -19,6 +19,8 @@ #define BANTYPE_JOB_TEMP 4 #define BANTYPE_ANY_FULLBAN 5 //used to locate stuff to unban. #define BANTYPE_APPEARANCE 6 +#define BANTYPE_ADMIN_PERMA 7 +#define BANTYPE_ADMIN_TEMP 8 //Please don't edit these values without speaking to Errorage first ~Carn //Admin Permissions diff --git a/code/modules/admin/DB ban/functions.dm b/code/modules/admin/DB ban/functions.dm index 8cd511a3c9a..72cee4a7b4c 100644 --- a/code/modules/admin/DB ban/functions.dm +++ b/code/modules/admin/DB ban/functions.dm @@ -1,3 +1,4 @@ +#define MAX_ADMIN_BANS_PER_ADMIN 1 datum/admins/proc/DB_ban_record(var/bantype, var/mob/banned_mob, var/duration = -1, var/reason, var/job = "", var/rounds = 0, var/banckey = null, var/banip = null, var/bancid = null) @@ -10,14 +11,22 @@ datum/admins/proc/DB_ban_record(var/bantype, var/mob/banned_mob, var/duration = var/serverip = "[world.internet_address]:[world.port]" var/bantype_pass = 0 var/bantype_str + var/maxadminbancheck //Used to limit the number of active bans of a certein type that each admin can give. Used to protect against abuse or mutiny. + var/announceinirc //When set, it announces the ban in irc. Intended to be a way to raise an alarm, so to speak. + var/blockselfban //Used to prevent the banning of yourself. + var/kickbannedckey //Defines whether this proc should kick the banned person, if they are connected (if banned_mob is defined). + //some ban types kick players after this proc passes (tempban, permaban), but some are specific to db_ban, so + //they should kick within this proc. switch(bantype) if(BANTYPE_PERMA) bantype_str = "PERMABAN" duration = -1 bantype_pass = 1 + blockselfban = 1 if(BANTYPE_TEMP) bantype_str = "TEMPBAN" bantype_pass = 1 + blockselfban = 1 if(BANTYPE_JOB_PERMA) bantype_str = "JOB_PERMABAN" duration = -1 @@ -29,6 +38,21 @@ datum/admins/proc/DB_ban_record(var/bantype, var/mob/banned_mob, var/duration = bantype_str = "APPEARANCE_BAN" duration = -1 bantype_pass = 1 + if(BANTYPE_ADMIN_PERMA) + bantype_str = "ADMIN_PERMABAN" + duration = -1 + bantype_pass = 1 + maxadminbancheck = 1 + announceinirc = 1 + blockselfban = 1 + kickbannedckey = 1 + if(BANTYPE_ADMIN_TEMP) + bantype_str = "ADMIN_TEMPBAN" + bantype_pass = 1 + maxadminbancheck = 1 + announceinirc = 1 + blockselfban = 1 + kickbannedckey = 1 if( !bantype_pass ) return if( !istext(reason) ) return @@ -66,6 +90,11 @@ datum/admins/proc/DB_ban_record(var/bantype, var/mob/banned_mob, var/duration = a_ckey = src.owner:ckey a_computerid = src.owner:computer_id a_ip = src.owner:address + + if(blockselfban) + if(a_ckey == ckey) + usr << "You cannot apply this ban type on yourself." + return var/who for(var/client/C in clients) @@ -82,6 +111,15 @@ datum/admins/proc/DB_ban_record(var/bantype, var/mob/banned_mob, var/duration = adminwho += ", [C]" reason = sql_sanitize_text(reason) + + if(maxadminbancheck) + var/DBQuery/adm_query = dbcon.NewQuery("SELECT count(id) AS num FROM [format_table_name("ban")] WHERE (a_ckey = '[a_ckey]') AND (bantype = 'ADMIN_PERMABAN' OR (bantype = 'ADMIN_TEMPBAN' AND expiration_time > Now())) AND isnull(unbanned)") + adm_query.Execute() + if(adm_query.NextRow()) + var/adm_bans = text2num(adm_query.item[1]) + if(adm_bans >= MAX_ADMIN_BANS_PER_ADMIN) + usr << "You already logged [MAX_ADMIN_BANS_PER_ADMIN] admin ban(s) or more. Do not abuse this function!" + return var/sql = "INSERT INTO [format_table_name("ban")] (`id`,`bantime`,`serverip`,`bantype`,`reason`,`job`,`duration`,`rounds`,`expiration_time`,`ckey`,`computerid`,`ip`,`a_ckey`,`a_computerid`,`a_ip`,`who`,`adminwho`,`edits`,`unbanned`,`unbanned_datetime`,`unbanned_ckey`,`unbanned_computerid`,`unbanned_ip`) VALUES (null, Now(), '[serverip]', '[bantype_str]', '[reason]', '[job]', [(duration)?"[duration]":"0"], [(rounds)?"[rounds]":"0"], Now() + INTERVAL [(duration>0) ? duration : 0] MINUTE, '[ckey]', '[computerid]', '[ip]', '[a_ckey]', '[a_computerid]', '[a_ip]', '[who]', '[adminwho]', '', null, null, null, null, null)" var/DBQuery/query_insert = dbcon.NewQuery(sql) @@ -89,7 +127,12 @@ datum/admins/proc/DB_ban_record(var/bantype, var/mob/banned_mob, var/duration = usr << "\blue Ban saved to database." message_admins("[key_name_admin(usr)] has added a [bantype_str] for [ckey] [(job)?"([job])":""] [(duration > 0)?"([duration] minutes)":""] with the reason: \"[reason]\" to the ban database.",1) + if(announceinirc) + send2irc("BAN ALERT","[a_ckey] applied a [bantype_str] on [ckey]") + if(kickbannedckey) + if(banned_mob && banned_mob.client && banned_mob.client.ckey == banckey) + del(banned_mob.client) datum/admins/proc/DB_ban_unban(var/ckey, var/bantype, var/job = "") @@ -114,6 +157,12 @@ datum/admins/proc/DB_ban_unban(var/ckey, var/bantype, var/job = "") if(BANTYPE_APPEARANCE) bantype_str = "APPEARANCE_BAN" bantype_pass = 1 + if(BANTYPE_ADMIN_PERMA) + bantype_str = "ADMIN_PERMABAN" + bantype_pass = 1 + if(BANTYPE_ADMIN_TEMP) + bantype_str = "ADMIN_TEMPBAN" + bantype_pass = 1 if(BANTYPE_ANY_FULLBAN) bantype_str = "ANY" bantype_pass = 1 @@ -300,6 +349,8 @@ datum/admins/proc/DB_ban_unban_by_id(var/id) output += "" output += "" output += "" + output += "" + output += "" output += "" output += "Ckey: " output += "IP: " @@ -339,6 +390,8 @@ datum/admins/proc/DB_ban_unban_by_id(var/id) output += "" output += "" output += "" + output += "" + output += "" output += "" output += "

" output += " Match(min. 3 characters to search by key or ip, and 7 to search by cid)
" @@ -406,6 +459,10 @@ datum/admins/proc/DB_ban_unban_by_id(var/id) bantypesearch += "'JOB_TEMPBAN' " if(BANTYPE_APPEARANCE) bantypesearch += "'APPEARANCE_BAN' " + if(BANTYPE_ADMIN_PERMA) + bantypesearch = "'ADMIN_PERMABAN' " + if(BANTYPE_ADMIN_TEMP) + bantypesearch = "'ADMIN_TEMPBAN' " else bantypesearch += "'PERMABAN' " @@ -448,6 +505,10 @@ datum/admins/proc/DB_ban_unban_by_id(var/id) typedesc = "TEMP JOBBAN
([job])
([duration] minutes
Expires [expiration]" if("APPEARANCE_BAN") typedesc = "APPEARANCE/NAME BAN" + if("ADMIN_PERMABAN") + typedesc = "ADMIN PERMABAN" + if("ADMIN_TEMPBAN") + typedesc = "ADMIN TEMPBAN
([duration] minutes [(unbanned) ? "" : "(Edit))"]
Expires [expiration]
" output += "" output += "[typedesc]" diff --git a/code/modules/admin/IsBanned.dm b/code/modules/admin/IsBanned.dm index 158f7ed1916..44027257bee 100644 --- a/code/modules/admin/IsBanned.dm +++ b/code/modules/admin/IsBanned.dm @@ -2,7 +2,7 @@ world/IsBanned(key,address,computer_id) if (!key || !address || !computer_id) log_access("Failed Login (invalid data): [key] [address]-[computer_id]") - return list("reason"="invalid login data", "desc"="Error: Could not check ban status, Please try again. Error message: Your computer provided invalid or blank information to the server on connection (byond username, IP, and Computer ID.) Provided information for reference: Username:'[key]' IP:'[address]' Computer ID:'[computer_id]'. (If you continue to get this error, please restart byond or contact byond support.)") + return list("reason"="invalid login data", "desc"="Error: Could not check ban status, please try again. Error message: Your computer provided invalid or blank information to the server on connection (BYOND username, IP, and Computer ID). Provided information for reference: Username: '[key]' IP: '[address]' Computer ID: '[computer_id]'. If you continue to get this error, please restart byond or contact byond support.") var/admin = 0 var/ckey = ckey(key) if((ckey in admin_datums) || (ckey in deadmins)) @@ -10,23 +10,25 @@ world/IsBanned(key,address,computer_id) //Guest Checking if(!guests_allowed && IsGuestKey(key)) - log_access("Failed Login: [key] - Guests not allowed") + log_access("Failed Login: [key] [computer_id] [address] - Guests not allowed") // message_admins("\blue Failed Login: [key] - Guests not allowed") - return list("reason"="guest", "desc"="\nReason: Guests not allowed. Please sign in with a byond account.") + return list("reason"="guest", "desc"="\nReason: Guests not allowed. Please sign in with a BYOND account.") - //check if the IP address is a known TOR node - if(config && config.ToRban && ToRban_isbanned(address)) - log_access("Failed Login: [src] - Banned: ToR") - message_admins("\blue Failed Login: [src] - Banned: ToR") + //check if the IP address is a known Tor node + if(config.ToRban && ToRban_isbanned(address)) + log_access("Failed Login: [key] [computer_id] [address] - Banned: Tor") + message_admins("Failed Login: [key] - Banned: Tor") //ban their computer_id and ckey for posterity - AddBan(ckey(key), computer_id, "Use of ToR", "Automated Ban", 0, 0) - return list("reason"="Using ToR", "desc"="\nReason: The network you are using to connect has been banned.\nIf you believe this is a mistake, please request help at [config.banappeals]") + AddBan(ckey(key), computer_id, "Use of Tor", "Automated Ban", 0, 0) + var/mistakemessage = "" + if(config.banappeals) + mistakemessage = "\nIf you believe this is a mistake, please request help at [config.banappeals]." + return list("reason"="using Tor", "desc"="\nReason: The network you are using to connect has been banned.[mistakemessage]") if(config.ban_legacy_system) - //Ban Checking - . = CheckBan( ckey(key), computer_id, address ) + . = CheckBan(ckey(key), computer_id, address) if(.) if (admin) log_admin("The admin [key] has been allowed to bypass a matching ban on [.["key"]]") @@ -35,9 +37,7 @@ world/IsBanned(key,address,computer_id) else log_access("Failed Login: [key] [computer_id] [address] - Banned [.["reason"]]") return . - else - var/ckeytext = ckey(key) if(!establish_db_connection()) @@ -86,7 +86,7 @@ world/IsBanned(key,address,computer_id) expires = "The ban is for [duration] minutes and expires on [expiration] (server time)." else var/appealmessage = "" - if(config && config.banappeals) + if(config.banappeals) appealmessage = " You may appeal it at [config.banappeals]." expires = " The is a permanent ban.[appealmessage]" @@ -94,7 +94,6 @@ world/IsBanned(key,address,computer_id) . = list("reason"="[bantype]", "desc"="[desc]") - log_access("Failed Login: [key] [computer_id] [address] - Banned [.["reason"]]") return . @@ -107,7 +106,7 @@ world/IsBanned(key,address,computer_id) if (admin) log_admin("The admin [key] has been allowed to bypass a matching host/sticky ban") message_admins("The admin [key] has been allowed to bypass a matching host/sticky ban") - addclientmessage(ckey,"You have been allowed to bypass a matching host/sticky ban") + addclientmessage(ckey,"You have been allowed to bypass a matching host/sticky ban") return null else log_access("Failed Login: [key] [computer_id] [address] - Banned [.["message"]]") diff --git a/code/modules/admin/stickyban.dm b/code/modules/admin/stickyban.dm index ce8a756b7af..072cad1acf7 100644 --- a/code/modules/admin/stickyban.dm +++ b/code/modules/admin/stickyban.dm @@ -5,6 +5,7 @@ switch (action) if ("show") stickyban_show() + return if ("add") var/list/ban = list() var/ckey @@ -30,7 +31,7 @@ return ban["message"] = "[reason]" - world.SetConfig("ban",ckey,list2stickyban(ban)) + world.SetConfig("ban", ckey, list2stickyban(ban)) log_admin("[key_name(usr)] has stickybanned [ckey].\nReason: [ban["message"]]") message_admins("[key_name_admin(usr)] has stickybanned [ckey].\nReason: [ban["message"]]") @@ -49,7 +50,7 @@ if (!get_stickyban_from_ckey(ckey)) usr << "Error: The ban disappeared." return - world.SetConfig("ban",ckey, null) + world.SetConfig("ban", ckey, null) log_admin("[key_name(usr)] removed [ckey]'s stickyban") message_admins("[key_name_admin(usr)] removed [ckey]'s stickyban") @@ -125,6 +126,8 @@ log_admin("[key_name(usr)] has edited [ckey]'s sticky ban reason from [oldreason] to [reason]") message_admins("[key_name_admin(usr)] has edited [ckey]'s sticky ban reason from [oldreason] to [reason]") + + stickyban_show() /datum/admins/proc/stickyban_gethtml(ckey, ban) . = "\[-\][ckey]
" diff --git a/code/modules/admin/topic.dm b/code/modules/admin/topic.dm index cc34e5a3437..b922b4979c8 100644 --- a/code/modules/admin/topic.dm +++ b/code/modules/admin/topic.dm @@ -126,6 +126,17 @@ return banduration = null banjob = null + if(BANTYPE_ADMIN_PERMA) + if(!banckey || !banreason) + usr << "Not enough parameters (Requires ckey and reason)" + return + banduration = null + banjob = null + if(BANTYPE_ADMIN_TEMP) + if(!banckey || !banreason || !banduration) + usr << "Not enough parameters (Requires ckey, reason and duration)" + return + banjob = null var/mob/playermob diff --git a/code/modules/admin/verbs/modifyvariables.dm b/code/modules/admin/verbs/modifyvariables.dm index f0532fbd254..134cc9ff3f5 100644 --- a/code/modules/admin/verbs/modifyvariables.dm +++ b/code/modules/admin/verbs/modifyvariables.dm @@ -323,8 +323,12 @@ var/list/forbidden_varedit_object_types = list( for(var/p in forbidden_varedit_object_types) if( istype(O,p) ) - usr << "\red It is forbidden to edit this object's variables." + usr << "It is forbidden to edit this object's variables." return + + if(istype(O, /client) && (param_var_name == "ckey" || param_var_name == "key")) + usr << "You cannot edit ckeys on client objects." + return var/class var/variable From bd65300965afd0777998687d881c01371a11f76d Mon Sep 17 00:00:00 2001 From: Markolie Date: Mon, 28 Sep 2015 00:22:35 +0200 Subject: [PATCH 4/6] Formatting update, make sure that reload admins remove proccall verbs --- code/modules/admin/IsBanned.dm | 9 ++++----- code/modules/admin/admin_verbs.dm | 1 + code/modules/admin/stickyban.dm | 5 +++-- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/code/modules/admin/IsBanned.dm b/code/modules/admin/IsBanned.dm index 44027257bee..c738be58089 100644 --- a/code/modules/admin/IsBanned.dm +++ b/code/modules/admin/IsBanned.dm @@ -2,7 +2,7 @@ world/IsBanned(key,address,computer_id) if (!key || !address || !computer_id) log_access("Failed Login (invalid data): [key] [address]-[computer_id]") - return list("reason"="invalid login data", "desc"="Error: Could not check ban status, please try again. Error message: Your computer provided invalid or blank information to the server on connection (BYOND username, IP, and Computer ID). Provided information for reference: Username: '[key]' IP: '[address]' Computer ID: '[computer_id]'. If you continue to get this error, please restart byond or contact byond support.") + return list("reason"="invalid login data", "desc"="Error: Could not check ban status, please try again. Error message: Your computer provided invalid or blank information to the server on connection (BYOND Username, IP, and Computer ID). Provided information for reference: Username: '[key]' IP: '[address]' Computer ID: '[computer_id]'. If you continue to get this error, please restart byond or contact byond support.") var/admin = 0 var/ckey = ckey(key) if((ckey in admin_datums) || (ckey in deadmins)) @@ -33,7 +33,7 @@ world/IsBanned(key,address,computer_id) if (admin) log_admin("The admin [key] has been allowed to bypass a matching ban on [.["key"]]") message_admins("The admin [key] has been allowed to bypass a matching ban on [.["key"]]") - addclientmessage(ckey,"You have been allowed to bypass a matching ban on [.["key"]]") + addclientmessage(ckey,"You have been allowed to bypass a matching ban on [.["key"]].") else log_access("Failed Login: [key] [computer_id] [address] - Banned [.["reason"]]") return . @@ -79,7 +79,7 @@ world/IsBanned(key,address,computer_id) else log_admin("The admin [key] has been allowed to bypass a matching ban on [pckey]") message_admins("The admin [key] has been allowed to bypass a matching ban on [pckey]") - addclientmessage(ckey,"You have been allowed to bypass a matching ban on [pckey]") + addclientmessage(ckey,"You have been allowed to bypass a matching ban on [pckey].") continue var/expires = "" if(text2num(duration) > 0) @@ -97,7 +97,6 @@ world/IsBanned(key,address,computer_id) log_access("Failed Login: [key] [computer_id] [address] - Banned [.["reason"]]") return . - . = ..() //default pager ban stuff if (.) //byond will not trigger isbanned() for "global" host bans, @@ -106,7 +105,7 @@ world/IsBanned(key,address,computer_id) if (admin) log_admin("The admin [key] has been allowed to bypass a matching host/sticky ban") message_admins("The admin [key] has been allowed to bypass a matching host/sticky ban") - addclientmessage(ckey,"You have been allowed to bypass a matching host/sticky ban") + addclientmessage(ckey,"You have been allowed to bypass a matching host/sticky ban.") return null else log_access("Failed Login: [key] [computer_id] [address] - Banned [.["message"]]") diff --git a/code/modules/admin/admin_verbs.dm b/code/modules/admin/admin_verbs.dm index ba036010873..1bc24ab72b2 100644 --- a/code/modules/admin/admin_verbs.dm +++ b/code/modules/admin/admin_verbs.dm @@ -226,6 +226,7 @@ var/list/admin_verbs_proccall = list ( admin_verbs_spawn, admin_verbs_mod, admin_verbs_mentor, + admin_verbs_proccall, admin_verbs_show_debug_verbs, /client/proc/readmin, ) diff --git a/code/modules/admin/stickyban.dm b/code/modules/admin/stickyban.dm index 072cad1acf7..ef625d001f2 100644 --- a/code/modules/admin/stickyban.dm +++ b/code/modules/admin/stickyban.dm @@ -126,8 +126,9 @@ log_admin("[key_name(usr)] has edited [ckey]'s sticky ban reason from [oldreason] to [reason]") message_admins("[key_name_admin(usr)] has edited [ckey]'s sticky ban reason from [oldreason] to [reason]") - - stickyban_show() + + spawn(10) + stickyban_show() /datum/admins/proc/stickyban_gethtml(ckey, ban) . = "\[-\][ckey]
" From 1952d15699a01f835ecfcd372ebb1c2b1059ba5b Mon Sep 17 00:00:00 2001 From: Markolie Date: Mon, 28 Sep 2015 00:44:07 +0200 Subject: [PATCH 5/6] Space fix --- code/modules/admin/IsBanned.dm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/code/modules/admin/IsBanned.dm b/code/modules/admin/IsBanned.dm index c738be58089..37c6a60bcdd 100644 --- a/code/modules/admin/IsBanned.dm +++ b/code/modules/admin/IsBanned.dm @@ -83,14 +83,14 @@ world/IsBanned(key,address,computer_id) continue var/expires = "" if(text2num(duration) > 0) - expires = "The ban is for [duration] minutes and expires on [expiration] (server time)." + expires = " The ban is for [duration] minutes and expires on [expiration] (server time)." else var/appealmessage = "" if(config.banappeals) appealmessage = " You may appeal it at [config.banappeals]." expires = " The is a permanent ban.[appealmessage]" - var/desc = "\nReason: You, or another user of this computer or connection ([pckey]) is banned from playing here. The ban reason is:\n[reason]\nThis ban was applied by [ackey] on [bantime]. [expires]" + var/desc = "\nReason: You, or another user of this computer or connection ([pckey]) is banned from playing here. The ban reason is:\n[reason]\nThis ban was applied by [ackey] on [bantime].[expires]" . = list("reason"="[bantype]", "desc"="[desc]") From 4bcb5d0eb2da4e509d9b472f0bb5a9acebc739a5 Mon Sep 17 00:00:00 2001 From: Markolie Date: Mon, 28 Sep 2015 05:58:00 +0200 Subject: [PATCH 6/6] Add sorting to stickyban list --- code/modules/admin/stickyban.dm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/modules/admin/stickyban.dm b/code/modules/admin/stickyban.dm index ef625d001f2..474b7c76265 100644 --- a/code/modules/admin/stickyban.dm +++ b/code/modules/admin/stickyban.dm @@ -148,7 +148,7 @@ if(!check_rights(R_BAN)) return - var/list/bans = world.GetConfig("ban") + var/list/bans = sortList(world.GetConfig("ban")) var/banhtml = "" for(var/key in bans) var/ckey = ckey(key)