void PlayerCmd_GetPower(scr_entref_t arg){ gentity_t* gentity; int entityNum = 0; int power; client_t *cl; mvabuf; if(HIWORD(arg)){ Scr_ObjectError("Not an entity"); }else{ entityNum = LOWORD(arg); gentity = &g_entities[entityNum]; if(!gentity->client){ Scr_ObjectError(va("Entity: %i is not a player", entityNum)); } } if(Scr_GetNumParam()){ Scr_Error("Usage: self getPower()\n"); } cl = &svs.clients[entityNum]; power = SV_RemoteCmdGetClPower(cl); Scr_AddInt(power); }
void Auth_Login_f() { client_t *invoker; int id,clientNum; if(Cmd_Argc() != 3) { Com_Printf("Usage: %s <login> <password>\n",Cmd_Argv(0)); return; } clientNum = SV_RemoteCmdGetInvokerClnum(); if(clientNum < 0 || clientNum > 63) { Com_Error(ERR_FATAL,"Auth_Login_f: index out of bounds.\n"); return; } invoker = &svs.clients[clientNum]; id = Auth_Authorize(Cmd_Argv(1),Cmd_Argv(2)); if(id < 0 || id > MAX_AUTH_ADMINS) { //Com_PrintLogFile("Failed login attempt from slot %d with login %s. Client dropped.",clientNum,Cmd_Argv(1)); SV_DropClient(invoker,"Incorrect login credentials.\n"); return; } invoker->uid = auth_admins.admins[id].uid; invoker->power = SV_RemoteCmdGetClPower(invoker); Com_Printf("^2Successfully authorized. UID: %d, name: %s, power: %d\n", auth_admins.admins[id].uid, auth_admins.admins[id].username, invoker->power); }
qboolean SV_ExecuteRemoteCmd(int clientnum, const char *msg){ char sv_outputbuf[SV_OUTPUTBUF_LENGTH]; char cmd[30]; char buffer[256]; char *printPtr; int i = 0; int j = 0; int powercmd; int power; client_t *cl; if(!cmdSystemInitialized){ SV_SendServerCommand(redirectClient, "e \"Error: Remote control system is not initialized\n\""); Com_Printf("Error: Remote control system is not initialized\n"); return qfalse; } if(clientnum < 0 || clientnum > 63) return qfalse; cl = &svs.clients[clientnum]; redirectClient = cl; while ( msg[i] != ' ' && msg[i] != '\0' && msg[i] != '\n' && i < 32 ){ i++; } if(i > 29 || i < 3) return qfalse; Q_strncpyz(cmd,msg,i+1); //Prevent buffer overflow as well as prevent the execution of priveleged commands by using seperator characters Q_strncpyz(buffer,msg,256); Q_strchrrepl(buffer,';','\0'); Q_strchrrepl(buffer,'\n','\0'); Q_strchrrepl(buffer,'\r','\0'); // start redirecting all print outputs to the packet power = SV_RemoteCmdGetClPower(cl); powercmd = Cmd_GetPower(cmd); if(!Q_stricmpn(cmd,"auth",4)){ printPtr = cmd; }else{ printPtr = buffer; } if(powercmd == -1){ SV_SendServerCommand(redirectClient, "e \"^5Command^2: %s\n^3Command execution failed - Invalid command invoked - Type ^2$cmdlist ^3to get a list of all available commands\"", printPtr); return qfalse; } if(powercmd > power){ SV_SendServerCommand(redirectClient, "e \"^5Command^2: %s\n^3Command execution failed - Insufficient power to execute this command.\n^3You need at least ^6%i ^3powerpoints to invoke this command.\n^3Type ^2$cmdlist ^3to get a list of all available commands\"", printPtr, powercmd); return qtrue; } Com_Printf( "Command execution: %s Invoked by: %s InvokerUID: %i Power: %i\n", printPtr, cl->name, cl->uid, power); Com_BeginRedirect(sv_outputbuf, SV_OUTPUTBUF_LENGTH, SV_ReliableSendRedirect); i = cmdInvoker.currentCmdPower; cmdInvoker.currentCmdPower = power; cmdInvoker.authserver = qfalse; j = cmdInvoker.currentCmdInvoker; cmdInvoker.currentCmdInvoker = cl->uid; cmdInvoker.clientnum = clientnum; Cmd_ExecuteSingleCommand( 0, 0, buffer ); #ifdef PUNKBUSTER if(!Q_stricmpn(buffer, "pb_sv_", 6)) PbServerForceProcess(); #endif SV_SendServerCommand(redirectClient, "e \"^5Command^2: %s\"", buffer); cmdInvoker.currentCmdPower = i; cmdInvoker.currentCmdInvoker = j; cmdInvoker.clientnum = -1; Com_EndRedirect(); return qtrue; }