This site is a testing version, but all data is shared with the live forum.


Raised This Month: $ Target: $400
 0% 

couple of errors


Post New Thread Reply   
AlliedModders Forum Index > SourceMod > Scripting
Page 2 of 2 1 2
 
Thread Tools Display Modes
11530
Veteran Member
11530's Avatar
Join Date: Sep 2011
Location: Underworld
Old 08-29-2013 , 14:20   Re: couple of errors
Reply With Quote #11
Please don't ever use %s or %N to put a name into a ServerCommand. It's incredibly unsafe.

Let's say their name is "SomeName; quit" -> ServerCommand("sm_disarm %N", ...) -> ServerCommand("sm_disarm SomeName; quit"); which will send the quit command to the server. Alternatively they can call themselves "SomeName; rcon_password lol" and suddenly they've changed your RCON password.

There are a few ways to combat this, but the easiest (if you can't use a native instead) is to provide a UserID to the ServerCommand instead of a name.

PHP Code:
new someuserid GetClientUserId(client);
ServerCommand("sm_disarm #%d"someuserid); 
__________________
11530 is offline
maliniam
Junior Member
Join Date: Mar 2011
Old 08-29-2013 , 15:19   Re: couple of errors
Reply With Quote #12
Thanks for the tip on that, wasn't aware of that.
maliniam is offline
Reply
AlliedModders Forum Index > SourceMod > Scripting
Page 2 of 2 1 2

« Previous Thread | Next Thread »


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 14:36.

DMCA - Archive - Top

Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode