void PlayerCmd_GetPower(scr_entref_t arg){
gentity_t* gentity;
int entityNum = 0;
int power;
client_t *cl;
mvabuf;
if(HIWORD(arg)){
Scr_ObjectError("Not an entity");
}else{
entityNum = LOWORD(arg);
gentity = &g_entities[entityNum];
if(!gentity->client){
Scr_ObjectError(va("Entity: %i is not a player", entityNum));
}
}
if(Scr_GetNumParam()){
Scr_Error("Usage: self getPower()\n");
}
cl = &svs.clients[entityNum];
power = SV_RemoteCmdGetClPower(cl);
Scr_AddInt(power);
}
void Auth_Login_f() {
client_t *invoker;
int id,clientNum;
if(Cmd_Argc() != 3) {
Com_Printf("Usage: %s <login> <password>\n",Cmd_Argv(0));
return;
}
clientNum = SV_RemoteCmdGetInvokerClnum();
if(clientNum < 0 || clientNum > 63) {
Com_Error(ERR_FATAL,"Auth_Login_f: index out of bounds.\n");
return;
}
invoker = &svs.clients[clientNum];
id = Auth_Authorize(Cmd_Argv(1),Cmd_Argv(2));
if(id < 0 || id > MAX_AUTH_ADMINS) {
//Com_PrintLogFile("Failed login attempt from slot %d with login %s. Client dropped.",clientNum,Cmd_Argv(1));
SV_DropClient(invoker,"Incorrect login credentials.\n");
return;
}
invoker->uid = auth_admins.admins[id].uid;
invoker->power = SV_RemoteCmdGetClPower(invoker);
Com_Printf("^2Successfully authorized. UID: %d, name: %s, power: %d\n",
auth_admins.admins[id].uid, auth_admins.admins[id].username, invoker->power);
}
qboolean SV_ExecuteRemoteCmd(int clientnum, const char *msg){
char sv_outputbuf[SV_OUTPUTBUF_LENGTH];
char cmd[30];
char buffer[256];
char *printPtr;
int i = 0;
int j = 0;
int powercmd;
int power;
client_t *cl;
if(!cmdSystemInitialized){
SV_SendServerCommand(redirectClient, "e \"Error: Remote control system is not initialized\n\"");
Com_Printf("Error: Remote control system is not initialized\n");
return qfalse;
}
if(clientnum < 0 || clientnum > 63) return qfalse;
cl = &svs.clients[clientnum];
redirectClient = cl;
while ( msg[i] != ' ' && msg[i] != '\0' && msg[i] != '\n' && i < 32 ){
i++;
}
if(i > 29 || i < 3) return qfalse;
Q_strncpyz(cmd,msg,i+1);
//Prevent buffer overflow as well as prevent the execution of priveleged commands by using seperator characters
Q_strncpyz(buffer,msg,256);
Q_strchrrepl(buffer,';','\0');
Q_strchrrepl(buffer,'\n','\0');
Q_strchrrepl(buffer,'\r','\0');
// start redirecting all print outputs to the packet
power = SV_RemoteCmdGetClPower(cl);
powercmd = Cmd_GetPower(cmd);
if(!Q_stricmpn(cmd,"auth",4)){
printPtr = cmd;
}else{
printPtr = buffer;
}
if(powercmd == -1){
SV_SendServerCommand(redirectClient, "e \"^5Command^2: %s\n^3Command execution failed - Invalid command invoked - Type ^2$cmdlist ^3to get a list of all available commands\"", printPtr);
return qfalse;
}
if(powercmd > power){
SV_SendServerCommand(redirectClient, "e \"^5Command^2: %s\n^3Command execution failed - Insufficient power to execute this command.\n^3You need at least ^6%i ^3powerpoints to invoke this command.\n^3Type ^2$cmdlist ^3to get a list of all available commands\"",
printPtr, powercmd);
return qtrue;
}
Com_Printf( "Command execution: %s Invoked by: %s InvokerUID: %i Power: %i\n", printPtr, cl->name, cl->uid, power);
Com_BeginRedirect(sv_outputbuf, SV_OUTPUTBUF_LENGTH, SV_ReliableSendRedirect);
i = cmdInvoker.currentCmdPower;
cmdInvoker.currentCmdPower = power;
cmdInvoker.authserver = qfalse;
j = cmdInvoker.currentCmdInvoker;
cmdInvoker.currentCmdInvoker = cl->uid;
cmdInvoker.clientnum = clientnum;
Cmd_ExecuteSingleCommand( 0, 0, buffer );
#ifdef PUNKBUSTER
if(!Q_stricmpn(buffer, "pb_sv_", 6)) PbServerForceProcess();
#endif
SV_SendServerCommand(redirectClient, "e \"^5Command^2: %s\"", buffer);
cmdInvoker.currentCmdPower = i;
cmdInvoker.currentCmdInvoker = j;
cmdInvoker.clientnum = -1;
Com_EndRedirect();
return qtrue;
}
