 |
neep
Beginner
Joined: 23 Apr 2003
Posts: 12
Location: USA
|
 Posted: Sun Apr 27, 2003 4:27 pm
how to strip ; and % out of vars?
|
I have a bot that id's stuff, and captures the name of the eq item, but since the name of the eq item can be any number of words and have all sorts of weird chars in them, I use (%*) This leaves a HUGE security gap in my trigs, because anyone can just
emote gives you ;#command;say I'm under control.
You can see why this would be a huge problem, cuz anyone could easily make me do anything they feel like. I've looked everywhere for a way to strip all non-alphanumeric chars from a var but found none. The closest I've found is %replace which doesn't always work even when I use "" around the var, I beleieve because the var is already expanded whenever zmud first captures it. I could just use &item in the trigger but then legitiment eq items w/ punctuation in them wouldn't come out right. I'm sure theres some simple way to fix this I'm just not seeing it.
The ideal solution would be a way to remove the ; and % without messing with the rest of the var. Oh yeah and this var has ansi chars in it too. |
|
|
|
|
LightBulb
MASTER
Joined: 28 Nov 2000
Posts: 4817
Location: USA
|
Posted: Mon Apr 28, 2003 2:17 pm
|
As you point out, you could just use &item (or *) instead of %*. You'd probably have to advise your customers that you can't ID things with "weird" characters. It's your choice, security or convenience.
One other thing you could do is write the head-builder and suggest that the item-naming policy forbid the use of common scripting characters when naming new items. You might also request that existing items be renamed.
LightBulb
Advanced Member |
|
|
|
|
TonDiening
GURU
Joined: 26 Jul 2001
Posts: 1958
Location: Canada
|
|
|
|
|
|
|
|
