Auth plugin, how to disable all commands?

Discussion in 'Plugin Development' started by Adrenaline, Jan 5, 2012.

Thread Status:
Not open for further replies.
  1. Offline

    Adrenaline

    Hi!,

    I have a next problems.. probably how to disable commands with double slash?, my code block all commands with one slash and allow to type /register, /login

    But players can enter to my account and type //wand etd..

    How to disable ALL commands with ( / ) and ( // ).. xAuth have this option.

    And someone can look at this code and say me where is "exploit" i found hacker.. he can bypass login ;o and i dont know HOW @_@

    Main .Java:
    http://pasteit.com/16501

    Player Listener .Java
    http://pasteit.com/16502
     
  2. Try replacing:
    Code:
    if(CFAuthentication.cfg.getProperty("player." + p.getName() + ".password") != (null) &&
                (!cmd[0].equalsIgnoreCase("/register")) &&
                (!cmd[0].equalsIgnoreCase("/login")))
    
            {
    With:
    Code:
    if(CFAuthentication.cfg.getProperty("player." + p.getName() + ".password") != (null) &&
                (!cmd[0].equalsIgnoreCase("/register")) &&
                (!cmd[0].equalsIgnoreCase("/login")) ||
                (cmd[0].contains("//"))
    
            {
     
  3. Offline

    Adrenaline

    Dont work :\ and you miss one ")"

    Must be look like this:
    (cmd[0].contains("//")))

    Dont work :S
     
  4. My other idea is to replace:
    Code:
    if(CFAuthentication.cfg.getProperty("player." + p.getName() + ".password") != (null) &&
                (!cmd[0].equalsIgnoreCase("/register")) &&
                (!cmd[0].equalsIgnoreCase("/login")))
            {
    With:
    Code:
    if(CFAuthentication.cfg.getProperty("player." + p.getName() + ".password") != (null) &&
                (!cmd[0].equalsIgnoreCase("register")) &&
                (!cmd[0].equalsIgnoreCase("login")) ||
                (cmd[0].startsWith("/")))
    
            {
     
  5. Offline

    Technius

    Here you go, this is a bit of a psuedo-code.
    Code:java
    1.  
    2. String command = //whatever you want it to be
    3. if(command.indexOf("/") > -1 && !command.equalsIgnoreCase("register") && !command.equalsIgnoreCase("login"))
    4. {
    5. //do this if it isn't allowed, better griefers/hackers to gtfo
    6. }
    7. else
    8. {
    9. //allow them :D
    10. }
    11.  
     
  6. Offline

    Adrenaline

    Dont work.

    I want to BLOCK that commands ^_-

    Dont know how to do @_@
    "String command = //whatever you want it to be" ????
     
  7. Offline

    Waffletastic

    Use PlayerCommandPreprocess
     
  8. Offline

    Technius

    String command = "example arguments";
    where the command would be /example arguments.

    Code:java
    1.  
    2. public void onPlayerCommandPreprocess(PlayerCommandPreprocessEvent event)
    3. {
    4. String command = event.getMessage();
    5. if(command.indexof("/") > -1 && !command.equalsIgnoreCase("register") && @command.equalsIgnoreCase("login")
    6. {
    7. //do your stuff here if isn't allowed
    8. }
    9. else
    10. {
    11. //allowed, yay!
    12. }
    13. }
     
  9. Offline

    Adrenaline

    Not work., with your code i can type all commands.
     
  10. Code:java
    1.  
    2. public void onPlayerCommandPreprocess(PlayerCommandPreprocessEvent evt){
    3. evt.setCancelled(true);
    4. }
    5.  
     
  11. Offline

    Adrenaline

    lol, you read topic? :|
     
  12. Yes, you can do the other part yourself cant you?

    Just get the first index of the \ character and check the substring.
     
  13. Offline

    knightidus

    I dont know why he's trying to be smart, you wrote the biggest tutorial for plugins ever (Adamki11), thank you a lot for that btw, couldn't have done it without you, many thanks and gratz :). Adrenaline, what have you done?
     
    Adamki11s likes this.
  14. Offline

    Adrenaline

    ...

    ?? ?? :mad: nope :s
     
  15. Well if you don't know how to do it you could at least be polite and ask for further help instead of insulting me.
     
  16. Offline

    Adrenaline

    lol, smiley insulting you ? haha ;p
     
  17. Exactly... you're so ungrateful and disrespectful. You'll be lucky to get any help.
     
  18. Offline

    Adrenaline

    This is only smiley @_@ :confused: btw ban me for insulting smiley! (troll)
     
  19. Offline

    ArcheCane

    If you're going to ask for help, don't rage and complain at the people who are offering to help you.
     
  20. Offline

    Technius

    Take it or leave it.
    Code:java
    1.  
    2. public void onPlayerCommandPreprocess(PlayerCommandPreprocessEvent event)
    3. {
    4. String command = event.getMessage();
    5. if(command.indexof("/") > -1 && !command.equalsIgnoreCase("register") && @command.equalsIgnoreCase("login")
    6. {
    7. //don't let them execute the command
    8. event.setCancelled(true);
    9. //do your stuff here if isn't allowed
    10. //event.getPlayer().sendMessage(ChatColor.RED + "Please login first.");
    11. }
    12. else
    13. {
    14. //allowed, yay!
    15. }
    16. }
     
  21. Offline

    knightidus

    There is one thing, you (@Adrenaline) have to learn about all Minecraft communities is that we are renowned for being nice and helpful, always, we are one of the best gaming communities i would dare say of all games. You wanna be insulting to one of the most important people for bukkit (@Adamk11) you are going to get on the wrong side of a lot of people, A LOT, and then get owned. So what im trying to say is, shut up.

    Thank you :)
     
    Adamki11s and Technius like this.
  22. Offline

    Adrenaline

    [​IMG]
    your message this is spam :| stop it. (please?) "shut up" you can say to your ,,friends" not to me :-'(

    Not work :), i report post "knight" with request to close this topic.
    I found help at other board.
     
  23. We are not trolling. We are simply stating how you're not going to get any help with an attitude like this.

    I'm not posting in here any more; good bye.
     
    Technius and knightidus like this.
  24. Offline

    iPhysX

    @NuclearW above 2 posts. by knightidus lol.
     
    Technius and knightidus like this.
  25. Offline

    knightidus

    @iPhysX Why you trying to help this guy, any ways im not posting here anymore, cya lol
     
  26. Offline

    TnT

    Locked to stop trolling. Keep it clean.
     
Thread Status:
Not open for further replies.

Share This Page