aboutsummaryrefslogtreecommitdiff
path: root/gamemode/core/pac/sv_pac.lua
diff options
context:
space:
mode:
Diffstat (limited to 'gamemode/core/pac/sv_pac.lua')
-rw-r--r--gamemode/core/pac/sv_pac.lua17
1 files changed, 11 insertions, 6 deletions
diff --git a/gamemode/core/pac/sv_pac.lua b/gamemode/core/pac/sv_pac.lua
index e9492e9..229b258 100644
--- a/gamemode/core/pac/sv_pac.lua
+++ b/gamemode/core/pac/sv_pac.lua
@@ -26,7 +26,7 @@
"artery_requestpac",
"artery_downloadpac"
]]
-
+local log = nrequire("log.lua")
local p3 = {}
local nwstrings = {
@@ -45,9 +45,14 @@ end
hook.Add("PrePACConfigApply", "stoppacs", function(ply, outfit_data)
if not ply:IsAdmin() then
return false, "You don't have permission to do that!"
- end
+ end
end)
+hook.Add( "PrePACEditorOpen", "stoppaceditor", function( ply )
+ return ply:IsSuperAdmin(), "This is accessable only to superadmins"
+end )
+
+
local pacsources = {
["data/artery/pacs/"] = "GAME"
}
@@ -80,7 +85,7 @@ end)
local appliedpacs = {}
function p3.ApplyPac(what, name)
- print("Applying pac", name, "to",what)
+ log.debug(string.format("Applying pac %q to %q",name,tostring(what)))
assert(pachashes[name],string.format("Tried to apply pac %s which didn't have a hash. Pac hashes are:%s",name,table.ToString(pachashes,"pachashes",true)))
appliedpacs[what] = appliedpacs[what] or {}
appliedpacs[what][name] = pachashes[name]
@@ -96,7 +101,7 @@ function p3.ApplyPac(what, name)
end
function p3.RemovePac(what, name)
- print("Removeing pac",what,"from",name)
+ log.debug(string.format("Removeing pac %q from %q",name,tostring(what)))
assert(appliedpacs[what][name],"Attempted to remove a pac that an entity is not wearing!")
appliedpacs[what][name] = nil
if #appliedpacs[what] == 0 then
@@ -170,10 +175,10 @@ end
net.Receive("artery_requestpac",function(ln,ply)
local pac_name = net.ReadString()
-
+ log.debug(string.format("Player %q requested pac %q",tostring(ply),pac_name))
--Double check that we're not executing a directory traversal attack https://www.owasp.org/index.php/Path_Traversal
if string.find(pac_name,"..",1,true) then
- Report(string.format("Directory traversal attack attempted by %s:%s using artery_requestpac string %q",ply:Nick(),ply:SteamID64(),pac_name))
+ log.report(string.format("Directory traversal attack attempted by %s:%s using artery_requestpac string %q",ply:Nick(),ply:SteamID64(),pac_name))
end
local pac_txt = cacheload(pac_name)
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2026-01-18 08:31:47 +0000