mIRC is evaluating the contents of an identifier when the /var command is used to define a variable. If the identifier contains a simple single-operator math expression, mIRC will store the solution to the expression and not the string itself.

This can be potentially exploited with user input.

This CAN NOT be treated with any known work-arounds, short of replacing spaces with $chr(160).

EXAMPLE 1:

On *:TEXT:*:#: { var %a = $1- | echo -a %a }

<Raccoon> Hi
OUTPUT: Hi
<Raccoon> 1 + 1
OUTPUT: 2
(should be: 1 + 1)

EXAMPLE 2:

//var %a = $qt(1 + 1), %b = $noqt(%a) | echo -a %a , %b

OUTPUT: "1 + 1" , 2

v7.29

UPDATE:

I was informed a functioning workaround is to use /set -nl %a $1- instead of /var %a = $1-

