From 8ea25b1811288209675e90e986c8fed36d3c8a6e Mon Sep 17 00:00:00 2001
From: Andrei Jors <ajors@uoguelph.ca>
Date: Tue, 9 Oct 2018 07:26:00 -0400
Subject: [PATCH] Prevents people from HREF exploiting around the R&D console.

---
 code/modules/research/rdconsole.dm | 4 ++++
 1 file changed, 4 insertions(+)
 mode change 100644 => 100755 code/modules/research/rdconsole.dm

diff --git a/code/modules/research/rdconsole.dm b/code/modules/research/rdconsole.dm
old mode 100644
new mode 100755
index 6872ffba6d..fa78df66b6
--- a/code/modules/research/rdconsole.dm
+++ b/code/modules/research/rdconsole.dm
@@ -155,6 +155,10 @@ won't update every console in existence) but it's more of a hassle to do. Also,
 	add_fingerprint(usr)
 
 	usr.set_machine(src)
+	if((href_list["lock"] || screen < 1 || (screen == 1.6 && href_list["menu"] != "1.0")) && !allowed(usr)) //Stops people from HREF exploiting out of the lock screen, but allow it if they have the access.
+		usr << "Unauthorized Access"
+		return
+
 	if(href_list["menu"]) //Switches menu screens. Converts a sent text string into a number. Saves a LOT of code.
 		var/temp_screen = text2num(href_list["menu"])
 		if(temp_screen <= 1.1 || (3 <= temp_screen && 4.9 >= temp_screen) || allowed(usr) || emagged) //Unless you are making something, you need access.