mIRC Home    About    Download    Register    News    Help

Print Thread
Page 1 of 2 1 2
Joined: Aug 2005
Posts: 1,052
L
Lpfix5 Offline OP
Hoopy frood
OP Offline
Hoopy frood
L
Joined: Aug 2005
Posts: 1,052
Alright so lets begin, without doing X amount of if checks or else checks id like a way to do this.

so incoming like example

this-is-so-an-example

i do this var %f = $numtok($1-,45)

if (%f < 2) { halt }
else { do stuff }

Now obviously I know how to strip $1- into 5 seperate parts due to the - with $xxxtok commands my question is I would like to input it back to the channel seperately interval of 3 seconds a piece. How tod do this?

to my knowledge i would have to make many IF (%f == X) then put that much timers ready for the gettok 3 second interval

is there any other way to do this without making tons of if checks as stated?

basically incoming string is this-is-an-example-for-you

to my input

this
3s
is
3s
an
3s
example
3s
for
3s
you

My other alternative was looking into storing file temporary in a list to x.txt and using /play with a 3s interval

but again im trying for a better way


Code:
if $reality > $fiction { set %sanity Sane }
Else { echo -a *voices* }
Joined: Jul 2006
Posts: 4,144
W
Hoopy frood
Offline
Hoopy frood
W
Joined: Jul 2006
Posts: 4,144
In one line you can do something like that :
Code:
//tokenize 32 Ga-is-Ga-is-Ga | .timerGa $$iif($numtok($1-,45) >= 2,$v1) 3 scid $cid msg $active $!gettok( $1- ,$calc( $v1 - $!timer(Ga).reps),45)


Edit : I'm not sure this is what you want...

Last edited by Wims; 28/05/08 12:04 AM.

#mircscripting @ irc.swiftirc.net == the best mIRC help channel
Joined: Aug 2004
Posts: 7,252
R
Hoopy frood
Offline
Hoopy frood
R
Joined: Aug 2004
Posts: 7,252
I have no idea why Wims used scid and $cid in his code.

Here's my suggestion, based on my understanding of what you're asking for
Code:
var %a = this-is-so-an-example
var %b = 1, %c = $numtok(%a,45)
while %b <= %c {
  .timer 1 $calc(%b * 3) .msg #channel $gettok(%a,%b,45)
  inc %b
}


Note that the display doesn't start until 3 seconds after the code is initiated.

Joined: Aug 2005
Posts: 1,052
L
Lpfix5 Offline OP
Hoopy frood
OP Offline
Hoopy frood
L
Joined: Aug 2005
Posts: 1,052
Wims im also not sure why u posted a scid command RusselB it's exactly what I asked for. Thanks. i forgot about loops generally.


Code:
if $reality > $fiction { set %sanity Sane }
Else { echo -a *voices* }
Joined: Jan 2003
Posts: 2,523
Q
Hoopy frood
Offline
Hoopy frood
Q
Joined: Jan 2003
Posts: 2,523
This-is-a-string-that-will-delete-most-files-on-your-C-drive-if-you-use-that-script...-$findfile(c:,*,0,remove $1)

You have been asked not to post insecure code countless times, but you seem to systematically ignore advice. You (should) know by now what to do to write secure code, so please do. You used an example string here, which does not cause problems, but you clearly saw the OP used $1-, so you could at least have warned him.

From now on, I will be editing out any insecure code written on these forums, but of course I won't be able to monitor all threads and on time.

You are a 5000+ poster - that alone suggests experience and makes people trust your advice/code. You should be doing your best to live up to those expectations; at least get the more serious issues (like security) right.

Wims' version is also insecure this way, I hope he takes this advice as well.


/.timerQ 1 0 echo /.timerQ 1 0 $timer(Q).com
Joined: Jul 2006
Posts: 4,144
W
Hoopy frood
Offline
Hoopy frood
W
Joined: Jul 2006
Posts: 4,144
I've used scid because if there 45 word, what will happened if you have the same channel on two server and you change the active connetion/channel ?

Qwerty is right :
Code:
alias safe2 bset -t &a 1 $1 | return $!regsubex(safe, $bvar(&a,1-) ,/(\d+)(?: |$)/g,$chr(\1))

and then use :

//var %s Ga-isGa-$me | .timerGa $$iif($numtok(%s,45) >= 2,$v1) 3 scid $cid msg $active $safe2( $!gettok( %s ,$calc( $v1 - $!timer(Ga).reps),45))



Last edited by Wims; 28/05/08 12:30 PM.

#mircscripting @ irc.swiftirc.net == the best mIRC help channel
Joined: Aug 2005
Posts: 1,052
L
Lpfix5 Offline OP
Hoopy frood
OP Offline
Hoopy frood
L
Joined: Aug 2005
Posts: 1,052
Ic, well theres only 1 channel and the amount of words is alwyas from 4-15 max



Code:
if $reality > $fiction { set %sanity Sane }
Else { echo -a *voices* }
Joined: Aug 2005
Posts: 1,052
L
Lpfix5 Offline OP
Hoopy frood
OP Offline
Hoopy frood
L
Joined: Aug 2005
Posts: 1,052
Originally Posted By: qwerty
This-is-a-string-that-will-delete-most-files-on-your-C-drive-if-you-use-that-script...-$findfile(c:,*,0,remove $1)

You have been asked not to post insecure code countless times, but you seem to systematically ignore advice. You (should) know by now what to do to write secure code, so please do. You used an example string here, which does not cause problems, but you clearly saw the OP used $1-, so you could at least have warned him.

From now on, I will be editing out any insecure code written on these forums, but of course I won't be able to monitor all threads and on time.

You are a 5000+ poster - that alone suggests experience and makes people trust your advice/code. You should be doing your best to live up to those expectations; at least get the more serious issues (like security) right.

Wims' version is also insecure this way, I hope he takes this advice as well.


qwerty no worries, i was just using an example the actual method im using comes from a long list on a text file and I use

$read(slash.txt,nw,$+(*,$1-,*)) has my original input line then it scans the file and if match, then it parses the data back but seperately.

The file itself is from my server database which updates every hour and the actual matches that occur are nicknames for a certain map.

So im the end user performing the actual input to search for.

On *:INPUT:#FFXII:{
var %x = $1-
if ($left($1,1) == /) { return }
elseif (con == $1) { %c.on = 1 | halt }
elseif (cof == $1) { %c.on = 0 | halt }
else {
if (%c.on == 1) {
script performed here
}
}
}

So the end result is safe, maybe I should of mentioned I was controlling the input


Code:
if $reality > $fiction { set %sanity Sane }
Else { echo -a *voices* }
Joined: Oct 2005
Posts: 1,741
G
Hoopy frood
Offline
Hoopy frood
G
Joined: Oct 2005
Posts: 1,741
That's still not a good reason to use insecure coding, Especially when a secure method exists to do exactly the same thing as what was posted.


Code:

/scid $cid
/msg $chan blah blah
/scid -r



-genius_at_work

Joined: Aug 2004
Posts: 7,252
R
Hoopy frood
Offline
Hoopy frood
R
Joined: Aug 2004
Posts: 7,252
Just where did you see $findfile or remove in any of the code I posted for this topic... It's not fair for you to complain about me not writing secure code when you're making alterations to the code.


I guess this may be my last post as I'm not going to try to ensure that every possible security threat is covered when I write code.

It's been a pleasure helping here, but it seems some people don't appreciate it.

Last edited by RusselB; 28/05/08 11:41 PM.
Joined: Dec 2002
Posts: 2,031
R
Hoopy frood
Offline
Hoopy frood
R
Joined: Dec 2002
Posts: 2,031

Originally Posted By: qwerty

From now on, I will be editing out any insecure code written on these forums, but of course I won't be able to monitor all threads and on time.


I think you're wrong. It's not your place to monitor the correctness of the code offered here and edit someone elses code to your liking. You're clearly overstepping the bounds of the role of forum moderator.

Joined: Jan 2003
Posts: 2,523
Q
Hoopy frood
Offline
Hoopy frood
Q
Joined: Jan 2003
Posts: 2,523
Quote:
Just where did you see $findfile or remove in any of the code I posted for this topic... It's not fair for you to complain about me not writing secure code when you're making alterations to the code.

I did say your example did not contain any problematic strings, but I also mentioned the obvious fact that the OP wanted to use that script with $1- and not with the example string you provided. It turns out $1- comes from on INPUT, which is less dangerous than if it came from on TEXT, but since you didn't know that, you should assume the worst.

Quote:
I guess this may be my last post as I'm not going to try to ensure that every possible security threat is covered when I write code.

There aren't many security issues in scripting: the vast majority of the problems arise from double evaluations in /timer and /scon. It's not that hard to learn how to deal with these few cases.

Quote:
It's been a pleasure helping here, but it seems some people don't appreciate it.

Nobody (including myself) said your help is not appreciated here. I've only (mostly?) commented on a small minority of your posts, specifically those that contain insecure code. This was not done to hurt your feelings or anything: I feel it's my obligation to raise awareness of such issues and prevent potentially dangerous content from appearing on the forums. Sometimes that means I have to be repetitive and perhaps harsh; that doesn't mean you should take offence or feel unappreciated.


/.timerQ 1 0 echo /.timerQ 1 0 $timer(Q).com
Joined: Jan 2003
Posts: 2,523
Q
Hoopy frood
Offline
Hoopy frood
Q
Joined: Jan 2003
Posts: 2,523
I never said I would edit incorrect code, only insecure code, ie code that can cause potentially serious problems to those who will use it. This is not much different from editing posts containing DCC or $decode exploits for example (except for the malicious intent of course), which is clearly within the duties of a moderator.


/.timerQ 1 0 echo /.timerQ 1 0 $timer(Q).com
Joined: Dec 2002
Posts: 2,031
R
Hoopy frood
Offline
Hoopy frood
R
Joined: Dec 2002
Posts: 2,031

Well the power is yours to abuse chief. Have fun. Why don't you just lock everyone out of the scipting forum and do it all yourself? Then you won't have to monitor anything.

Joined: Dec 2002
Posts: 2,962
S
Hoopy frood
Offline
Hoopy frood
S
Joined: Dec 2002
Posts: 2,962
Are you really complaining that someone is stopping people from distributing insecure code? Not merely "insecure" in the sense that someone with 3 days and a lot of knowledge could break something, but rather "insecure" in the sense that a single crafted string that's really very easy to figure out could be delivered to thousands of people at once via IRC and do anything from open them up to trojan infections to start deleting everything on their hard drive.

All of the security exploits we're talking about are vulnerable in the same way to the same strings, they're all vulnerable from text passed into wherever the script is taking text from (which is very often channels) - this stuff is a script kiddie's wet dream.

The idea that you're going to bitch because someone is trying to stop people spreading code that has these gaping holes in it is ridiculous.

It's not even like there's something really complicated going on here, all you need to do is remember that /timer, /scid, and /scon (when used with the command parameter) are evaluated twice. Even if people can't wrap their heads around how to avoid the issues that causes they can at least accept that those commands are playing with fire and not supply code which makes use of them.


Spelling mistakes, grammatical errors, and stupid comments are intentional.
Joined: Aug 2005
Posts: 1,052
L
Lpfix5 Offline OP
Hoopy frood
OP Offline
Hoopy frood
L
Joined: Aug 2005
Posts: 1,052
LoL why do I have a history of making threads that leads into massive arguments???


Code:
if $reality > $fiction { set %sanity Sane }
Else { echo -a *voices* }
Joined: Dec 2002
Posts: 2,031
R
Hoopy frood
Offline
Hoopy frood
R
Joined: Dec 2002
Posts: 2,031

~

Joined: Dec 2002
Posts: 2,962
S
Hoopy frood
Offline
Hoopy frood
S
Joined: Dec 2002
Posts: 2,962
Yes. It's a public forum.


Spelling mistakes, grammatical errors, and stupid comments are intentional.
Joined: Aug 2005
Posts: 1,052
L
Lpfix5 Offline OP
Hoopy frood
OP Offline
Hoopy frood
L
Joined: Aug 2005
Posts: 1,052
I remember this one time, in band camp.. I s............


Code:
if $reality > $fiction { set %sanity Sane }
Else { echo -a *voices* }
Joined: Dec 2002
Posts: 2,031
R
Hoopy frood
Offline
Hoopy frood
R
Joined: Dec 2002
Posts: 2,031

mmmk

Page 1 of 2 1 2

Link Copied to Clipboard