mirror of
https://github.com/vgstation-coders/vgstation13.git
synced 2025-12-10 18:32:03 +00:00
Switches to utf8 sanitizing (#20209)
This commit is contained in:
I-VAPE-VOX-CLOACA-EVERY-DAY-OF-MY-LIFE
committed by
jknpj
jknpj
parent
d40c9cd0ca
commit
bf795d35ac
@@ -140,7 +140,7 @@ forLineInText(text)
|
||||
// Used to get a sanitized input.
|
||||
/proc/stripped_input(var/mob/user, var/message = "", var/title = "", var/default = "", var/max_length=MAX_MESSAGE_LEN)
|
||||
var/name = input(user, message, title, default) as null|text
|
||||
return strip_html_simple(name, max_length)
|
||||
return utf8_sanitize(name, user, max_length)
|
||||
|
||||
//Filters out undesirable characters from names
|
||||
/proc/reject_bad_name(var/t_in, var/allow_numbers=0, var/max_length=MAX_NAME_LEN)
|
||||
|
||||
@@ -386,4 +386,4 @@ var/list/pointers = list()
|
||||
for(var/d in data)
|
||||
var/val = data[d]
|
||||
if(istext(val))
|
||||
data[d] = strip_html_simple(val)
|
||||
data[d] = utf8_sanitize(val)
|
||||
|
||||
@@ -281,7 +281,7 @@ font-weight:bold;
|
||||
var/sensor = input(user, "Select a sensor:", "Sensor Data") as null|anything in sensor_list
|
||||
if(!sensor)
|
||||
return MT_ERROR
|
||||
var/label = strip_html(input(user, "Choose a sensor label:", "Sensor Label") as text|null)
|
||||
var/label = stripped_input(user, "Choose a sensor label:", "Sensor Label")
|
||||
if(!label)
|
||||
return MT_ERROR
|
||||
|
||||
@@ -706,5 +706,3 @@ font-weight:bold;
|
||||
)
|
||||
|
||||
radio_connection.post_signal(src, signal, filter = RADIO_ATMOSIA)
|
||||
|
||||
|
||||
|
||||
@@ -84,7 +84,7 @@
|
||||
if(isscrewdriver(W))
|
||||
playsound(src, 'sound/items/Screwdriver.ogg', 50, 1)
|
||||
|
||||
var/input = strip_html(input(usr, "Which networks would you like to connect this camera to? seperate networks with a comma. No Spaces!\nFor example: SS13,Security,Secret ", "Set Network", CAMERANET_SS13))
|
||||
var/input = stripped_input(usr, "Which networks would you like to connect this camera to? seperate networks with a comma. No Spaces!\nFor example: SS13,Security,Secret ", "Set Network", CAMERANET_SS13)
|
||||
if(!input)
|
||||
to_chat(usr, "No input found, please hang up and try your call again.")
|
||||
return
|
||||
|
||||
@@ -359,7 +359,7 @@ For vending packs, see vending_packs.dm*/
|
||||
to_chat(usr, "<span class='warning'>You can only afford [max_crates] crates.</span>")
|
||||
return
|
||||
var/timeout = world.time + 600
|
||||
var/reason = utf8_sanitize(input(usr,"Reason:","Why do you require this item?","") as null|text, usr, REASON_LEN)
|
||||
var/reason = stripped_input(usr,"Reason:","Why do you require this item?","",REASON_LEN)
|
||||
if(world.time > timeout)
|
||||
return
|
||||
if(!reason)
|
||||
@@ -584,7 +584,7 @@ For vending packs, see vending_packs.dm*/
|
||||
var/max_crates = round((account.money - total_money_req) / P.cost)
|
||||
to_chat(usr, "<span class='warning'>You can only afford [max_crates] crates.</span>")
|
||||
return
|
||||
var/reason = utf8_sanitize(input(usr,"Reason:","Why do you require this item?","") as null|text, usr, REASON_LEN)
|
||||
var/reason = stripped_input(usr,"Reason:","Why do you require this item?","",REASON_LEN)
|
||||
if(world.time > timeout)
|
||||
return
|
||||
if(!reason)
|
||||
|
||||
@@ -495,7 +495,7 @@ var/list/obj/machinery/newscaster/allCasters = list() //Global list that will co
|
||||
if(isobserver(usr) && !canGhostWrite(usr,src,"set a channel's name"))
|
||||
to_chat(usr, "<span class='warning'>You can't do that.</span>")
|
||||
return
|
||||
channel_name = strip_html_simple(input(usr, "Provide a Feed Channel Name", "Network Channel Handler", ""))
|
||||
channel_name = stripped_input(usr, "Provide a Feed Channel Name", "Network Channel Handler", "")
|
||||
while (findtext(channel_name," ") == 1)
|
||||
channel_name = copytext(channel_name,2,length(channel_name)+1)
|
||||
updateUsrDialog()
|
||||
@@ -545,7 +545,7 @@ var/list/obj/machinery/newscaster/allCasters = list() //Global list that will co
|
||||
for(var/datum/feed_channel/F in news_network.network_channels)
|
||||
if( (!F.locked || F.author == scanned_user) && !F.censored)
|
||||
available_channels += F.channel_name
|
||||
channel_name = strip_html_simple(input(usr, "Choose receiving Feed Channel", "Network Channel Handler") in available_channels )
|
||||
channel_name = utf8_sanitize(input(usr, "Choose receiving Feed Channel", "Network Channel Handler") in available_channels )
|
||||
updateUsrDialog()
|
||||
|
||||
else if(href_list["set_new_message"])
|
||||
@@ -554,7 +554,7 @@ var/list/obj/machinery/newscaster/allCasters = list() //Global list that will co
|
||||
return
|
||||
if(isnull(msg))
|
||||
msg = ""
|
||||
msg = strip_html(input(usr, "Write your Feed story", "Network Channel Handler", msg))
|
||||
msg = stripped_input(usr, "Write your Feed story", "Network Channel Handler", msg)
|
||||
while (findtext(msg," ") == 1)
|
||||
msg = copytext(msg,2,length(msg)+1)
|
||||
updateUsrDialog()
|
||||
@@ -697,7 +697,7 @@ var/list/obj/machinery/newscaster/allCasters = list() //Global list that will co
|
||||
if(isobserver(usr) && !canGhostWrite(usr,src,"tried to set the name of a wanted person"))
|
||||
to_chat(usr, "<span class='warning'>You can't do that.</span>")
|
||||
return
|
||||
channel_name = strip_html(input(usr, "Provide the name of the Wanted person", "Network Security Handler", ""))
|
||||
channel_name = stripped_input(usr, "Provide the name of the Wanted person", "Network Security Handler", "")
|
||||
while (findtext(channel_name," ") == 1)
|
||||
channel_name = copytext(channel_name,2,length(channel_name)+1)
|
||||
updateUsrDialog()
|
||||
@@ -706,7 +706,7 @@ var/list/obj/machinery/newscaster/allCasters = list() //Global list that will co
|
||||
if(isobserver(usr) && !canGhostWrite(usr,src,"tried to set the description of a wanted person"))
|
||||
to_chat(usr, "<span class='warning'>You can't do that.</span>")
|
||||
return
|
||||
msg = strip_html(input(usr, "Provide the a description of the Wanted person and any other details you deem important", "Network Security Handler", ""))
|
||||
msg = stripped_input(usr, "Provide the a description of the Wanted person and any other details you deem important", "Network Security Handler", "")
|
||||
while (findtext(msg," ") == 1)
|
||||
msg = copytext(msg,2,length(msg)+1)
|
||||
updateUsrDialog()
|
||||
@@ -1138,7 +1138,7 @@ obj/item/weapon/newspaper/attackby(obj/item/weapon/W as obj, mob/user as mob)
|
||||
if(scribble_page == curr_page)
|
||||
to_chat(user, "<FONT COLOR='blue'>There's already a scribble in this page... You wouldn't want to make things too cluttered, would you?</FONT>")
|
||||
else
|
||||
var/s = strip_html( input(user, "Write something", "Newspaper", "") )
|
||||
var/s = stripped_input(user, "Write something", "Newspaper", "")
|
||||
s = copytext(sanitize(s), 1, MAX_MESSAGE_LEN)
|
||||
if (!s)
|
||||
return
|
||||
|
||||
@@ -1860,7 +1860,7 @@
|
||||
if (href_list["change_name"])
|
||||
if(usr != src.occupant)
|
||||
return
|
||||
var/newname = strip_html_simple(input(occupant,"Choose new exosuit name","Rename exosuit",initial(name)) as text, MAX_NAME_LEN)
|
||||
var/newname = stripped_input(occupant,"Choose new exosuit name","Rename exosuit",initial(name),MAX_NAME_LEN)
|
||||
if(newname && trim(newname))
|
||||
name = newname
|
||||
else
|
||||
|
||||
@@ -52,7 +52,7 @@
|
||||
var/datum/topic_input/topic_filter = new /datum/topic_input(href,href_list)
|
||||
if(href_list["send_message"])
|
||||
var/obj/item/mecha_parts/mecha_tracking/MT = topic_filter.getObj("send_message")
|
||||
var/message = strip_html_simple(input(usr,"Input message","Transmit message") as text)
|
||||
var/message = stripped_input(usr,"Input message","Transmit message")
|
||||
var/obj/mecha/M = MT.in_mecha()
|
||||
if(trim(message) && M)
|
||||
M.occupant_message(message)
|
||||
|
||||
@@ -33,7 +33,7 @@
|
||||
to_chat(user, "<span class='notice'>The authorized user field on the card is blank.</span>")
|
||||
|
||||
/obj/item/weapon/card/debit/proc/change_authorized_name(var/desired_authorized_name)
|
||||
authorized_name = uppertext(sanitize_simple(strip_html_simple(desired_authorized_name, DEBIT_MAX_AUTHORIZED_NAME_LENGTH)))
|
||||
authorized_name = uppertext(sanitize_simple(utf8_sanitize(desired_authorized_name, DEBIT_MAX_AUTHORIZED_NAME_LENGTH)))
|
||||
|
||||
/obj/item/weapon/card/debit/attack_self(var/mob/user)
|
||||
if(user.attack_delayer.blocked())
|
||||
|
||||
@@ -3890,7 +3890,7 @@
|
||||
src.access_news_network()
|
||||
|
||||
else if(href_list["ac_set_channel_name"])
|
||||
src.admincaster_feed_channel.channel_name = strip_html_simple(input(usr, "Provide a Feed Channel Name", "Network Channel Handler", ""))
|
||||
src.admincaster_feed_channel.channel_name = utf8_sanitize(input(usr, "Provide a Feed Channel Name", "Network Channel Handler", ""))
|
||||
while (findtext(src.admincaster_feed_channel.channel_name," ") == 1)
|
||||
src.admincaster_feed_channel.channel_name = copytext(src.admincaster_feed_channel.channel_name,2,length(src.admincaster_feed_channel.channel_name)+1)
|
||||
src.access_news_network()
|
||||
|
||||
@@ -179,7 +179,7 @@ var/global/list/assembly_short_name_to_type = list() //Please, I beg you, don't
|
||||
if(!istext(new_value)) //Attempted to write a non-string to a string var - convert the non-string into a string and continue
|
||||
new_value = "[new_value]"
|
||||
|
||||
new_value = strip_html(new_value, MAX_TEXT_VALUE_LEN)
|
||||
new_value = utf8_sanitize(new_value, MAX_TEXT_VALUE_LEN)
|
||||
|
||||
//text values can accept either numbers or text, so don't check for that
|
||||
|
||||
|
||||
@@ -598,7 +598,7 @@
|
||||
else if (href_list["show_flavor_text"])
|
||||
if(can_show_flavor_text())
|
||||
var/datum/browser/popup = new(usr, "\ref[src]", name, 500, 200)
|
||||
popup.set_content(strip_html(flavor_text))
|
||||
popup.set_content(utf8_sanitize(flavor_text))
|
||||
popup.open()
|
||||
/*else if (href_list["lookmob"])
|
||||
var/mob/M = locate(href_list["lookmob"])
|
||||
|
||||
@@ -1234,7 +1234,7 @@ var/list/slot_equipment_priority = list( \
|
||||
return
|
||||
if(!can_show_flavor_text())
|
||||
return
|
||||
var/msg = strip_html(flavor_text)
|
||||
var/msg = utf8_sanitize(flavor_text)
|
||||
if(findtext(msg, "http:") || findtext(msg, "https:") || findtext(msg, "www."))
|
||||
return "<font color='#ffa000'><b><a href='?src=\ref[src];show_flavor_text=1'>Show flavor text</a></b></font>"
|
||||
if(length(msg) <= 32)
|
||||
|
||||
@@ -253,8 +253,8 @@
|
||||
|
||||
if(href_list["write"])
|
||||
var/id = href_list["write"]
|
||||
//var/t = strip_html_simple(input(usr, "What text do you wish to add to " + (id=="end" ? "the end of the paper" : "field "+id) + "?", "[name]", null),8192) as message
|
||||
//var/t = strip_html_simple(input("Enter what you want to write:", "Write", null, null) as message, MAX_MESSAGE_LEN)
|
||||
//var/t = utf8_sanitize(input(usr, "What text do you wish to add to " + (id=="end" ? "the end of the paper" : "field "+id) + "?", "[name]", null),8192) as message
|
||||
//var/t = utf8_sanitize(input("Enter what you want to write:", "Write", null, null) as message, MAX_MESSAGE_LEN)
|
||||
var/new_text
|
||||
|
||||
//Wrap this part in a loop to prevent text from getting lost
|
||||
|
||||
@@ -133,9 +133,11 @@ var/global/list/pillIcon2Name = list("oblong purple-pink", "oblong green-white",
|
||||
|
||||
else if(istype(B, /obj/item/weapon/reagent_containers/pill))
|
||||
B.icon_state = "pill"+pillsprite
|
||||
var/name = reject_bad_text(input(user,"Name:","Name your pill!","[B.reagents.get_master_reagent_name()] ([B.reagents.total_volume] units)") as null|text)
|
||||
var/name = stripped_input(user,"Name:","Name your pill!","[B.reagents.get_master_reagent_name()] ([B.reagents.total_volume] units)")
|
||||
if(name)
|
||||
B.name = "[name] pill"
|
||||
else
|
||||
to_chat(user, "<span class='warning'>[bicon(src)] Invalid name!</span>")
|
||||
return 1
|
||||
|
||||
/obj/machinery/chem_master/Topic(href, href_list)
|
||||
@@ -300,8 +302,9 @@ var/global/list/pillIcon2Name = list("oblong purple-pink", "oblong green-white",
|
||||
if(href_list["createempty"])
|
||||
amount_per_pill = 0 //If "createempty" is 1, pills are empty and no reagents are used.
|
||||
|
||||
var/name = reject_bad_text(input(usr,"Name:","Name your pill!","[reagents.get_master_reagent_name()] ([amount_per_pill] units)") as null|text)
|
||||
var/name = stripped_input(usr,"Name:","Name your pill!","[reagents.get_master_reagent_name()] ([amount_per_pill] units)")
|
||||
if(!name)
|
||||
to_chat(usr, "<span class='warning'>[bicon(src)] Invalid name!</span>")
|
||||
return
|
||||
|
||||
var/logged_message = " - [key_name(usr)] has made [count] pill[count > 1 ? "s, each" : ""] named '[name]' and containing "
|
||||
@@ -345,8 +348,9 @@ var/global/list/pillIcon2Name = list("oblong purple-pink", "oblong green-white",
|
||||
if(href_list["createempty"])
|
||||
amount_per_bottle = 0 //If "createempty" is 1, bottles are empty and no reagents are used.
|
||||
|
||||
var/name = reject_bad_text(input(usr,"Name:", "Name your bottle!","[reagents.get_master_reagent_name()] ([amount_per_bottle] units)") as null|text)
|
||||
var/name = stripped_input(usr,"Name:", "Name your bottle!","[reagents.get_master_reagent_name()] ([amount_per_bottle] units)")
|
||||
if(!name)
|
||||
to_chat(usr, "<span class='warning'>[bicon(src)] Invalid name!</span>")
|
||||
return
|
||||
|
||||
while(count--)
|
||||
|
||||
Reference in New Issue
Block a user