The code is exploitable, and not just by an evil oper but by users as well. All one needs to do is get you to join #$q (which is a valid channel name) to be able to make you quit IRC (/q is a /quit default alias, or at least something a lot of users have installed).
Not true. $q doesn't execute quit anymore.
The mirc installer used to install certain common aliases (this is what I meant by "default aliases"), like /j and /q (there used to be a line "/q /quit $1-" in Aliases). In these cases, $q would certainly execute /quit. I seem to remember these stock aliases are no longer included in a clean install but many users still have a /q alias. These details are besides the point though, which is that an attacker can do a lot of damage if they happen to have a little more information about a victim's installed aliases.
edit #3: In order to "refrain from any comments if you think people did stupid or non logical things", as suggested by one of the forum moderators, I won't be pointing out any vulnerable or "stupid" code in the future. I hope that makes whoever was upset by my constructive criticism happy.
I'm sure the moderator who told you that did not mean "do not comment when a helper gives out vulnerable code" in particular - he was probably thinking of your often incendiary and sometimes downright rude attitude, which I think distracts people from the actual constructive points made in your posts.
