Hi,
I think you pretty much got it already but just to clarify:
$eval(..., N) allows you to evaluate "..." N times.
So $eval($ $+ $rand(1,$0),1) would only evaluate it once. That means it would return the literal text "$1" (assuming the $rand returned 1)
If you evaluate it a second time then it passes through a second time and returns whatever the $1 token is.
Your script contains an exploit as /timer evaluates everything twice. You should never pass unknown content to /timer without wrapping it in $unsafe() :
on *:text:!pick *:#:{
var %tokens = $2-, %randomnumber = $rand(1,$numtok(%tokens,44)), %randomtoken = $gettok(%tokens,%randomnumber,44)
var %randomintro $rand(1,4)
if (%randomintro == 1) { /timer 1 1 /msg # Definitely $unsafe(%randomtoken) }
if (%randomintro == 2) { /timer 1 1 /msg # Those are terrible choices, but go with $unsafe(%randomtoken) }
if (%randomintro == 3) { /timer 1 1 /msg # Yeah, sorry, I can't condone any of those. Try something else later. }
if (%randomintro == 4) { /timer 1 1 /msg # Ehhhh. I guess $unsafe(%randomtoken) }
}If you leave it as is then people will be execute commands remotely on your machine or try and read sensitive variables and identifiers.
