Fix signs for names > 14 char length.

This can be exploited by creating a user with the same first 14 characters.

git-svn-id: https://svn.java.net/svn/essentials~svn/trunk@1252 e251c2fe-e539-e718-e476-b85c1f46cddb
This commit is contained in:
snowleo 2011-04-21 11:59:22 +00:00
parent 755938ca5f
commit f53ab01e3e
3 changed files with 7 additions and 7 deletions

View File

@ -70,7 +70,7 @@ public class EssentialsBlockListener extends BlockListener
event.setLine(0, "§1[Protection]"); event.setLine(0, "§1[Protection]");
else else
event.setLine(0, "§4[Protection]"); event.setLine(0, "§4[Protection]");
event.setLine(3, user.getName()); event.setLine(3, user.getName().substring(0, 14));
return; return;
} }
if (event.getLine(0).equalsIgnoreCase("[Disposal]")) if (event.getLine(0).equalsIgnoreCase("[Disposal]"))
@ -249,11 +249,11 @@ public class EssentialsBlockListener extends BlockListener
if (user.inGroup(line)) { if (user.inGroup(line)) {
return ALLOWED; return ALLOWED;
} }
} else if (line.equalsIgnoreCase(user.getName())) { } else if (line.equalsIgnoreCase(user.getName().substring(0, 14))) {
return ALLOWED; return ALLOWED;
} }
} }
if (sign.getLine(3).equalsIgnoreCase(user.getName())) if (sign.getLine(3).equalsIgnoreCase(user.getName().substring(0, 14)))
{ {
return OWNER; return OWNER;
} }

View File

@ -23,7 +23,7 @@ public class EssentialsEcoBlockListener extends BlockListener
if (sign.getLine(0).equals("§1[Trade]")) if (sign.getLine(0).equals("§1[Trade]"))
{ {
if (!sign.getLine(3).substring(2).equals(user.getName())) { if (!sign.getLine(3).substring(2).equals(user.getName().substring(0, 14))) {
if (!user.isOp()) { if (!user.isOp()) {
event.setCancelled(true); event.setCancelled(true);
} }
@ -149,7 +149,7 @@ public class EssentialsEcoBlockListener extends BlockListener
event.setLine(0, "§1[Trade]"); event.setLine(0, "§1[Trade]");
event.setLine(1, (m1 ? "$" + q1 : q1 + " " + l1[1]) + ":0"); event.setLine(1, (m1 ? "$" + q1 : q1 + " " + l1[1]) + ":0");
event.setLine(2, (m2 ? "$" + q2 : q2 + " " + l2[1]) + ":" + r2); event.setLine(2, (m2 ? "$" + q2 : q2 + " " + l2[1]) + ":" + r2);
event.setLine(3, "§8" + user.getName()); event.setLine(3, "§8" + user.getName().substring(0, 14));
} }
catch (Throwable ex) catch (Throwable ex)
{ {
@ -157,7 +157,7 @@ public class EssentialsEcoBlockListener extends BlockListener
event.setLine(0, "§4[Trade]"); event.setLine(0, "§4[Trade]");
event.setLine(1, "# ItemOr$"); event.setLine(1, "# ItemOr$");
event.setLine(2, "# ItemOr$:#"); event.setLine(2, "# ItemOr$:#");
event.setLine(3, "§8" + user.getName()); event.setLine(3, "§8" + user.getName().substring(0, 14));
} }
return; return;
} }

View File

@ -85,7 +85,7 @@ public class EssentialsEcoPlayerListener extends PlayerListener
ItemStack qi1 = m1 ? null : ItemDb.get(l1[1], q1); ItemStack qi1 = m1 ? null : ItemDb.get(l1[1], q1);
ItemStack qi2 = m2 ? null : ItemDb.get(l2[1], q2); ItemStack qi2 = m2 ? null : ItemDb.get(l2[1], q2);
if (user.getName().equals(sign.getLines()[3].substring(2))) if (user.getName().substring(0, 14).equals(sign.getLines()[3].substring(2)))
{ {
if (m1) if (m1)
{ {