mirror of
https://github.com/ParadiseSS13/Paradise.git
synced 2026-07-11 15:14:27 +01:00
Fix shuttle HREF exploit
This commit is contained in:
@@ -683,7 +683,13 @@
|
||||
to_chat(usr, "<span class='danger'>Access denied.</span>")
|
||||
return
|
||||
|
||||
var/list/options = params2list(possible_destinations)
|
||||
if(href_list["move"])
|
||||
if(!options.Find(href_list["move"])) //I see you're trying Href exploits, I see you're failing, I SEE ADMIN WARNING.
|
||||
// Seriously, though, NEVER trust a Topic with something like this. Ever.
|
||||
message_admins("move HREF ([src] attempted to move to: [href_list["move"]]) exploit attempted by [key_name_admin(usr)] on [src] (<A HREF='?_src_=holder;adminplayerobservecoodjump=1;X=[x];Y=[y];Z=[z]'>JMP</a>)")
|
||||
to_chat(usr, "<span class='userdanger'>Expect a ban. Soon.</span>")
|
||||
return
|
||||
switch(shuttle_master.moveShuttle(shuttleId, href_list["move"], 1))
|
||||
if(0)
|
||||
to_chat(usr, "<span class='notice'>Shuttle received message and will be sent shortly.</span>")
|
||||
|
||||
Reference in New Issue
Block a user