Adjusted input filtering.

StevenLawson 2013-09-27 10:19:50 -04:00
parent a9c8930f3b
commit c066e3e5bc


@ -20,7 +20,8 @@ import org.bukkit.scheduler.BukkitRunnable;
public final class BT_ClientSession extends Thread
{
private static final Pattern NONASCII_FILTER = Pattern.compile("[^\\x20-\\x7E]");
private static final Pattern AUTH_INPUT_FILTER = Pattern.compile("[^a-zA-Z0-9\\-\\.\\_]");
private static final Pattern AUTH_INPUT_FILTER = Pattern.compile("[^a-zA-Z0-9]");
private static final Pattern COMMAND_INPUT_FILTER = Pattern.compile("^[^a-zA-Z0-9/\\?!\\.]+");
//
private final Socket clientSocket;
private final String clientAddress;
@ -255,9 +256,15 @@ public final class BT_ClientSession extends Thread
try
{
writeOutFormatted("Username: ", false);
String _userName = AUTH_INPUT_FILTER.matcher(reader.readLine()).replaceAll("").trim();
String _userName = reader.readLine();
writeOut(":");
if (_userName != null && !_userName.isEmpty())
{
_userName = AUTH_INPUT_FILTER.matcher(_userName).replaceAll("").trim();
}
if (_userName != null && !_userName.isEmpty())
{
this.userName = _userName;
@ -285,9 +292,15 @@ public final class BT_ClientSession extends Thread
try
{
writeOutFormatted("Password: ", false);
String _password = AUTH_INPUT_FILTER.matcher(reader.readLine()).replaceAll("").trim();
String _password = reader.readLine();
writeOut(":");
if (_password != null && !_password.isEmpty())
{
_password = AUTH_INPUT_FILTER.matcher(_password).replaceAll("").trim();
}
if (_password != null && !_password.isEmpty() && BT_TelnetServer.getInstance().getPassword().equals(_password))
{
return true;
@ -339,9 +352,13 @@ public final class BT_ClientSession extends Thread
writeOut(":");
if (command != null && !(command = stripNonAscii(command).trim()).isEmpty())
if (command != null)
{
sendBukkitCommand(command);
command = COMMAND_INPUT_FILTER.matcher(NONASCII_FILTER.matcher(command).replaceAll("")).replaceFirst("").trim();
if (!command.isEmpty())
{
sendBukkitCommand(command);
}
}
}
}
@ -351,11 +368,6 @@ public final class BT_ClientSession extends Thread
}
}
private static String stripNonAscii(String string)
{
return NONASCII_FILTER.matcher(string).replaceAll("");
}
private static boolean fuzzyIpMatch(String a, String b, int octets)
{
boolean match = true;
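Review bot: In the password hunk (`@ -285,9 +292,15`), the typed password is still run through `AUTH_INPUT_FILTER` before the `equals` check, and this commit narrows that pattern to `[^a-zA-Z0-9]`, so every symbol is silently dropped from the input. A configured password containing `-`, `.` or `_` (all accepted by the previous pattern) can no longer match, and inputs such as `ab-c` and `abc` become equivalent, which shrinks the effective password alphabet. Stripping only non-printable bytes would keep the line clean-up (presumably there for telnet control sequences) without altering the secret: `_password = NONASCII_FILTER.matcher(_password).replaceAll("");`. The username hunk has the same strip-instead-of-reject behaviour, so distinct typed names can collapse into one `this.userName`; rejecting input that contains disallowed characters would be safer for anything that later logs or authorises by that name. The comparison could also use `MessageDigest.isEqual` on the UTF-8 bytes instead of `String.equals` to avoid a timing difference; the enclosing methods start and end outside the hunks shown.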