From a9235dad93baeebf51edef3e941a9d35b35aba9d Mon Sep 17 00:00:00 2001 From: Kwoth Date: Sun, 9 Oct 2016 22:40:14 +0200 Subject: [PATCH] Sanitized everything i could think of so far which which could cause accidental @everyone or @here mentions --- .../Commands/ServerGreetCommands.cs | 15 +++--- .../Games/Commands/SpeedTypingCommands.cs | 53 +++++++++++-------- .../Commands/Trivia/TriviaQuestionPool.cs | 5 +- .../Modules/Utility/Commands/InfoCommands.cs | 2 +- .../Modules/Utility/Commands/QuoteCommands.cs | 3 +- .../Modules/Utility/Commands/Remind.cs | 8 +-- src/NadekoBot/Modules/Utility/Utility.cs | 6 +-- src/NadekoBot/_Extensions/Extensions.cs | 3 ++ 8 files changed, 55 insertions(+), 40 deletions(-) diff --git a/src/NadekoBot/Modules/Administration/Commands/ServerGreetCommands.cs b/src/NadekoBot/Modules/Administration/Commands/ServerGreetCommands.cs index 735f7e0f..0d5561a0 100644 --- a/src/NadekoBot/Modules/Administration/Commands/ServerGreetCommands.cs +++ b/src/NadekoBot/Modules/Administration/Commands/ServerGreetCommands.cs @@ -1,6 +1,7 @@ using Discord; using Discord.Commands; using NadekoBot.Attributes; +using NadekoBot.Extensions; using NadekoBot.Services; using NadekoBot.Services.Database.Models; using NLog; @@ -42,12 +43,12 @@ namespace NadekoBot.Modules.Administration if (channel == null) //maybe warn the server owner that the channel is missing return; - var msg = conf.ChannelByeMessageText.Replace("%user%", "**" + user.Username + "**"); + var msg = conf.ChannelByeMessageText.Replace("%user%", user.Username).Replace("%server%", user.Guild.Name); if (string.IsNullOrWhiteSpace(msg)) return; try { - var toDelete = await channel.SendMessageAsync(msg).ConfigureAwait(false); + var toDelete = await channel.SendMessageAsync(msg.SanitizeMentions()).ConfigureAwait(false); if (conf.AutoDeleteByeMessages) { var t = Task.Run(async () => @@ -82,7 +83,7 @@ namespace NadekoBot.Modules.Administration { try { - var toDelete = await channel.SendMessageAsync(msg).ConfigureAwait(false); + var toDelete = await channel.SendMessageAsync(msg.SanitizeMentions()).ConfigureAwait(false); if (conf.AutoDeleteGreetMessages) { var t = Task.Run(async () => @@ -172,7 +173,7 @@ namespace NadekoBot.Modules.Administration conf = uow.GuildConfigs.For(channel.Guild.Id); if (!string.IsNullOrWhiteSpace(text)) { - conf.ChannelGreetMessageText = text; + conf.ChannelGreetMessageText = text.SanitizeMentions(); uow.GuildConfigs.Update(conf); await uow.CompleteAsync(); } @@ -180,7 +181,7 @@ namespace NadekoBot.Modules.Administration if (string.IsNullOrWhiteSpace(text)) { - await channel.SendMessageAsync("`Current greet message:` " + conf.ChannelGreetMessageText); + await channel.SendMessageAsync("`Current greet message:` " + conf.ChannelGreetMessageText.SanitizeMentions()); return; } await channel.SendMessageAsync("New greet message set.").ConfigureAwait(false); @@ -275,7 +276,7 @@ namespace NadekoBot.Modules.Administration conf = uow.GuildConfigs.For(channel.Guild.Id); if (!string.IsNullOrWhiteSpace(text)) { - conf.ChannelByeMessageText = text; + conf.ChannelByeMessageText = text.SanitizeMentions(); uow.GuildConfigs.Update(conf); await uow.CompleteAsync(); } @@ -283,7 +284,7 @@ namespace NadekoBot.Modules.Administration if (string.IsNullOrWhiteSpace(text)) { - await channel.SendMessageAsync("`Current bye message:` " + conf.ChannelGreetMessageText); + await channel.SendMessageAsync("`Current bye message:` " + conf.ChannelGreetMessageText.SanitizeMentions()); return; } await channel.SendMessageAsync("New bye message set.").ConfigureAwait(false); diff --git a/src/NadekoBot/Modules/Games/Commands/SpeedTypingCommands.cs b/src/NadekoBot/Modules/Games/Commands/SpeedTypingCommands.cs index 624bb9d8..da65770c 100644 --- a/src/NadekoBot/Modules/Games/Commands/SpeedTypingCommands.cs +++ b/src/NadekoBot/Modules/Games/Commands/SpeedTypingCommands.cs @@ -56,40 +56,47 @@ namespace NadekoBot.Modules.Games IsActive = true; CurrentSentence = GetRandomSentence(); var i = (int)(CurrentSentence.Length / WORD_VALUE * 1.7f); - await channel.SendMessageAsync($@":clock2: Next contest will last for {i} seconds. Type the bolded text as fast as you can.").ConfigureAwait(false); - - - var msg = await channel.SendMessageAsync("Starting new typing contest in **3**...").ConfigureAwait(false); - await Task.Delay(1000).ConfigureAwait(false); try { - await msg.ModifyAsync(m => m.Content = "Starting new typing contest in **2**...").ConfigureAwait(false); - await Task.Delay(1000).ConfigureAwait(false); - await msg.ModifyAsync(m => m.Content = "Starting new typing contest in **1**...").ConfigureAwait(false); + await channel.SendMessageAsync($@":clock2: Next contest will last for {i} seconds. Type the bolded text as fast as you can.").ConfigureAwait(false); + + + var msg = await channel.SendMessageAsync("Starting new typing contest in **3**...").ConfigureAwait(false); await Task.Delay(1000).ConfigureAwait(false); + try + { + await msg.ModifyAsync(m => m.Content = "Starting new typing contest in **2**...").ConfigureAwait(false); + await Task.Delay(1000).ConfigureAwait(false); + await msg.ModifyAsync(m => m.Content = "Starting new typing contest in **1**...").ConfigureAwait(false); + await Task.Delay(1000).ConfigureAwait(false); + } + catch (Exception ex) { _log.Warn(ex); } + + await msg.ModifyAsync(m => m.Content = $"**{Format.Sanitize(CurrentSentence.Replace(" ", " \x200B")).SanitizeMentions()}**:book:").ConfigureAwait(false); + sw.Start(); + HandleAnswers(); + + while (i > 0) + { + await Task.Delay(1000).ConfigureAwait(false); + i--; + if (!IsActive) + return; + } + } - catch (Exception ex) { _log.Warn(ex); } - - await msg.ModifyAsync(m => m.Content = $":book:**{CurrentSentence.Replace(" ", " \x200B")}**:book:").ConfigureAwait(false); - sw.Start(); - HandleAnswers(); - - while (i > 0) + catch { } + finally { - await Task.Delay(1000).ConfigureAwait(false); - i--; - if (!IsActive) - return; + await Stop().ConfigureAwait(false); } - - await Stop().ConfigureAwait(false); } public string GetRandomSentence() { using (var uow = DbHandler.UnitOfWork()) { - return uow.TypingArticles.GetRandom()?.Text ?? "No typing articles found. Use `>typeadd` command to add a new article for typing."; + return uow.TypingArticles.GetRandom()?.Text ?? $"No typing articles found. Use `{NadekoBot.ModulePrefixes[typeof(Games).Name]}typeadd` command to add a new article for typing."; } } @@ -194,7 +201,7 @@ namespace NadekoBot.Modules.Games uow.TypingArticles.Add(new Services.Database.Models.TypingArticle { Author = imsg.Author.Username, - Text = text + Text = text.SanitizeMentions(), }); await uow.CompleteAsync().ConfigureAwait(false); } diff --git a/src/NadekoBot/Modules/Games/Commands/Trivia/TriviaQuestionPool.cs b/src/NadekoBot/Modules/Games/Commands/Trivia/TriviaQuestionPool.cs index cc9db53a..deb4e7b1 100644 --- a/src/NadekoBot/Modules/Games/Commands/Trivia/TriviaQuestionPool.cs +++ b/src/NadekoBot/Modules/Games/Commands/Trivia/TriviaQuestionPool.cs @@ -1,4 +1,5 @@ -using NadekoBot.Services; +using NadekoBot.Extensions; +using NadekoBot.Services; using Newtonsoft.Json.Linq; using System; using System.Collections.Generic; @@ -34,7 +35,7 @@ namespace NadekoBot.Modules.Games.Trivia foreach (var item in arr) { - var tq = new TriviaQuestion(item["Question"].ToString(), item["Answer"].ToString(), item["Category"]?.ToString()); + var tq = new TriviaQuestion(item["Question"].ToString().SanitizeMentions(), item["Answer"].ToString().SanitizeMentions(), item["Category"]?.ToString()); pool.Add(tq); } var r = new NadekoRandom(); diff --git a/src/NadekoBot/Modules/Utility/Commands/InfoCommands.cs b/src/NadekoBot/Modules/Utility/Commands/InfoCommands.cs index f80fc294..806deac2 100644 --- a/src/NadekoBot/Modules/Utility/Commands/InfoCommands.cs +++ b/src/NadekoBot/Modules/Utility/Commands/InfoCommands.cs @@ -77,7 +77,7 @@ namespace NadekoBot.Modules.Utility toReturn += $@"`Id:` **{user.Id}** `Current Game:` **{(user.Game?.Name == null ? "-" : user.Game.Name)}** `Joined At:` **{user.JoinedAt}** -`Roles:` **({user.Roles.Count()}) - {string.Join(", ", user.Roles.Select(r => r.Name))}** +`Roles:` **({user.Roles.Count()}) - {string.Join(", ", user.Roles.Select(r => r.Name)).SanitizeMentions()}** `AvatarUrl:` **{user.AvatarUrl}**"; await msg.Reply(toReturn).ConfigureAwait(false); } diff --git a/src/NadekoBot/Modules/Utility/Commands/QuoteCommands.cs b/src/NadekoBot/Modules/Utility/Commands/QuoteCommands.cs index c69f030b..f9c37bf6 100644 --- a/src/NadekoBot/Modules/Utility/Commands/QuoteCommands.cs +++ b/src/NadekoBot/Modules/Utility/Commands/QuoteCommands.cs @@ -1,6 +1,7 @@ using Discord; using Discord.Commands; using NadekoBot.Attributes; +using NadekoBot.Extensions; using NadekoBot.Services; using NadekoBot.Services.Database; using NadekoBot.Services.Database.Models; @@ -34,7 +35,7 @@ namespace NadekoBot.Modules.Utility if (quote == null) return; - await channel.SendMessageAsync("📣 " + quote.Text); + await channel.SendMessageAsync("📣 " + quote.Text.SanitizeMentions()); } [NadekoCommand, Usage, Description, Aliases] diff --git a/src/NadekoBot/Modules/Utility/Commands/Remind.cs b/src/NadekoBot/Modules/Utility/Commands/Remind.cs index c9268ea8..1a65b535 100644 --- a/src/NadekoBot/Modules/Utility/Commands/Remind.cs +++ b/src/NadekoBot/Modules/Utility/Commands/Remind.cs @@ -2,6 +2,7 @@ using Discord.Commands; using Discord.WebSocket; using NadekoBot.Attributes; +using NadekoBot.Extensions; using NadekoBot.Services; using NadekoBot.Services.Database; using NadekoBot.Services.Database.Models; @@ -47,7 +48,7 @@ namespace NadekoBot.Modules.Utility foreach (var r in reminders) { - var t = StartReminder(r); + try { var t = StartReminder(r); } catch (Exception ex) { _log.Warn(ex); } } } @@ -77,7 +78,8 @@ namespace NadekoBot.Modules.Utility await ch.SendMessageAsync( replacements.Aggregate(RemindMessageFormat, - (cur, replace) => cur.Replace(replace.Key, replace.Value(r))) + (cur, replace) => cur.Replace(replace.Key, replace.Value(r))) + .SanitizeMentions() ).ConfigureAwait(false); //it works trust me } catch (Exception ex) { _log.Warn(ex); } @@ -179,7 +181,7 @@ namespace NadekoBot.Modules.Utility await uow.CompleteAsync(); } - try { await channel.SendMessageAsync($"⏰ I will remind \"{(ch is ITextChannel ? ((ITextChannel)ch).Name : umsg.Author.Username)}\" to \"{message.ToString()}\" in {output}. ({time:d.M.yyyy.} at {time:HH:mm})").ConfigureAwait(false); } catch { } + try { await channel.SendMessageAsync($"⏰ I will remind \"{(ch is ITextChannel ? ((ITextChannel)ch).Name : umsg.Author.Username)}\" to \"{message.SanitizeMentions()}\" in {output}. ({time:d.M.yyyy.} at {time:HH:mm})").ConfigureAwait(false); } catch { } await StartReminder(rem); } diff --git a/src/NadekoBot/Modules/Utility/Utility.cs b/src/NadekoBot/Modules/Utility/Utility.cs index ced8457c..9224f351 100644 --- a/src/NadekoBot/Modules/Utility/Utility.cs +++ b/src/NadekoBot/Modules/Utility/Utility.cs @@ -45,7 +45,7 @@ namespace NadekoBot.Modules.Utility [NadekoCommand, Usage, Description, Aliases] [RequireContext(ContextType.Guild)] - public async Task InRole(IUserMessage umsg, [Remainder] string roles = null) + public async Task InRole(IUserMessage umsg, [Remainder] string roles) { if (string.IsNullOrWhiteSpace(roles)) return; @@ -122,11 +122,11 @@ namespace NadekoBot.Modules.Utility var guild = channel.Guild; if (target != null) { - await msg.Reply($"`List of roles for **{target.Username}**:` \n• " + string.Join("\n• ", target.Roles.Except(new[] { guild.EveryoneRole }).OrderBy(r => r.Position))); + await msg.Reply($"`List of roles for **{target.Username}**:` \n• " + string.Join("\n• ", target.Roles.Except(new[] { guild.EveryoneRole }).OrderBy(r => r.Position)).SanitizeMentions()); } else { - await msg.Reply("`List of roles:` \n• " + string.Join("\n• ", guild.Roles.Except(new[] { guild.EveryoneRole }).OrderBy(r=>r.Position))); + await msg.Reply("`List of roles:` \n• " + string.Join("\n• ", guild.Roles.Except(new[] { guild.EveryoneRole }).OrderBy(r=>r.Position)).SanitizeMentions()); } } diff --git a/src/NadekoBot/_Extensions/Extensions.cs b/src/NadekoBot/_Extensions/Extensions.cs index c226e45e..f2c22573 100644 --- a/src/NadekoBot/_Extensions/Extensions.cs +++ b/src/NadekoBot/_Extensions/Extensions.cs @@ -23,6 +23,9 @@ namespace NadekoBot.Extensions http.DefaultRequestHeaders.Add("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"); } + public static string SanitizeMentions(this string str) => + str.Replace("@everyone", "@everyοne").Replace("@here", "@һere"); + public static double UnixTimestamp(this DateTime dt) => dt.ToUniversalTime().Subtract(new DateTime(1970, 1, 1)).TotalSeconds; public static async Task SendMessageAsync(this IGuildUser user, string message, bool isTTS = false) =>