| View previous topic :: View next topic |
| Author |
Message |
doggo
Halfop
Joined: 05 Jan 2010
Posts: 97
|
 Posted: Sat Oct 30, 2010 7:50 pm Post subject: bad word and Guest kicker |
 |
|
| Code: | package require mysqltcl 3.05
namespace eval bad {
namespace eval words {
variable add_chan "#nzbmatrix.chat"
#DB CONNECTION
variable db_host "************"
variable db_port "************"
variable db_user "************"
variable db_pass "************"
variable db_name "************"
#BAD WORDS TABLE
variable db_table "bad_words"
variable db_badword "bword"
variable db_kickmsg "bkick"
#CHANNEL USER TABLE
variable db_user_table "channel_users"
variable db_user_nick "nick"
variable db_user_title "title"
variable db_user_host "host"
variable db_user_requests "requests"
variable db_user_fills "fills"
variable db_user_points "points"
variable db_user_leeched "leeched"
#TRIGGERS
variable rehashtrig "-rehash"
variable addtrig "-add"
variable deltrig "-del"
#BINDS
bind join -|- "$bad::words::add_chan %" bad::user_add::add_user
bind pub m|m $bad::words::rehashtrig bad::re_hash::rehash_func
bind msg -|- $bad::words::addtrig bad::badwordadd::addbadword
bind pubm -|- "$bad::words::add_chan *" bad::checkword::wordchecker
bind join -|- "$bad::words::add_chan *Guest*" bad::checknick::nickcheck
bind msg -|- $bad::words::deltrig bad::badworddel::delbadword
#END SETTINGS NAMESPACE
}
namespace eval re_hash {
proc rehash_func {nick uhost hand chan arg} {
rehash
putquick "PRIVMSG $bad::words::add_chan :done.."
}
#END RE_HASH NAMESPACE
}
namespace eval user_add {
proc add_user {nick host hand chan} {
set nick_ident *!*@[lindex [split [getchanhost $nick] "@"] 1]
set check_user_handle [::mysql::connect -host $bad::words::db_host -port $bad::words::db_port -user $bad::words::db_user -password $bad::words::db_pass -db $bad::words::db_name];
set added_user_get [::mysql::sel $check_user_handle "SELECT $::bad::words::db_user_nick FROM $::bad::words::db_user_table WHERE $::bad::words::db_user_nick = '$nick'" -flatlist];
if { $added_user_get != "" } {
::mysql::endquery $check_user_handle
::mysql::close $check_user_handle
} elseif {$added_user_get == ""} {
set add_user_handle [::mysql::connect -host $bad::words::db_host -port $bad::words::db_port -user $bad::words::db_user -password $bad::words::db_pass -db $bad::words::db_name];
if {[catch {set adduser [::mysql::exec $add_user_handle "INSERT INTO $bad::words::db_user_table ($bad::words::db_user_nick, $bad::words::db_user_host) VALUES ('$nick', '$nick_ident' )"]; } badentry]} {
::mysql::endquery $add_user_handle
::mysql::close $add_user_handle
} else {
::mysql::endquery $add_user_handle
::mysql::close $add_user_handle
}
}
}
#END USER_ADD NAMESPACE
}
namespace eval badwordadd {
proc addbadword {nick uhost hand text} {
set add_word [lindex $text 0]
set add_kick_msg [lrange $text 1 end]
if {$add_kick_msg == ""} {putquick "NOTICE $nick :you forgot a kick msg..";return}
if { [isop $nick $bad::words::add_chan] == 0 } {putquick "PRIVMSG $bad::words::add_chan :$nick tried to add '$add_word : $add_kick_msg' @ status is needed to add words";return}
set badword_handle [::mysql::connect -host $bad::words::db_host -port $bad::words::db_port -user $bad::words::db_user -password $bad::words::db_pass -db $bad::words::db_name];
if {[catch {set addmp3 [::mysql::exec $badword_handle "INSERT INTO $bad::words::db_table ($bad::words::db_badword, $bad::words::db_kickmsg ) VALUES ('$add_word', '$add_kick_msg' )"]; } badentry]} {
putquick "NOTICE $nick :$badentry"
::mysql::endquery $badword_handle
::mysql::close $badword_handle
} else {
putquick "NOTICE $nick :\00307Added \017 | $add_word | $add_kick_msg"
::mysql::endquery $badword_handle
::mysql::close $badword_handle
}
}
#END BADWORDADD NAMESPACE
}
namespace eval checkword {
proc wordchecker {nick uhost hand chan text} {
set nick_ident *!*@[lindex [split [getchanhost $nick] "@"] 1]
regsub -all {\003([0-9]{1,2}(,[0-9]{1,2})?)?} $text "" text
regsub -all {\017|\037|\002|\026|\006|\007} $text "" text
set line [split $text]
set fnd 0
foreach wordsaid $line {
set check_word_handle [::mysql::connect -host $bad::words::db_host -port $bad::words::db_port -user $bad::words::db_user -password $bad::words::db_pass -db $bad::words::db_name];
set check_word [::mysql::sel $check_word_handle "SELECT $::bad::words::db_badword, $::bad::words::db_kickmsg FROM $::bad::words::db_table WHERE $::bad::words::db_badword = '$wordsaid'" -flatlist];
::mysql::endquery $check_word_handle
::mysql::close $check_word_handle
if { $check_word == ""} { } else {
incr fnd 1
}
}
if { $fnd != "0" && [isop $nick $chan] == 0 } {
set why [lrange $check_word 1 end]
regsub -all {\{} $why "" why
regsub -all {\}} $why "" why
putquick "KICK $chan $nick :$why"
} else {
return
}
}
#END CHECKWORDADD NAMESPACE
}
namespace eval checknick {
proc nickcheck {nick uhost hand chan} {
set kick_reason "NO! Guests allowed.. Change your nick by typing /nick nzblover and rejoin"
putquick "MODE $chan +b $nick"
putquick "KICK $chan $nick :$kick_reason"
utimer 15 [list putquick "MODE $chan -b $nick"]
}
#END CHECKNICK NAMESPACE
}
namespace eval badworddel {
proc delbadword {nick uhost hand text} {
set add_word [lindex $text 0]
if {$add_word == ""} {putquick "NOTICE $nick :what did you want me to remove exactly?";return}
if { [isop $nick $bad::words::add_chan] == 0 } {putquick "PRIVMSG $bad::words::add_chan :$nick tried to remove '$add_word' @ status is needed to remove words";return}
set badword_handle [::mysql::connect -host $bad::words::db_host -port $bad::words::db_port -user $bad::words::db_user -password $bad::words::db_pass -db $bad::words::db_name];
set word_take [::mysql::exec $badword_handle "DELETE FROM $bad::words::db_table WHERE $bad::words::db_badword = '$add_word'"];
if { $word_take == 0 } {
putquick "NOTICE $nick :nothing found for '$addword'"
::mysql::endquery $badword_handle
::mysql::close $badword_handle
} else {
putquick "NOTICE $nick :\00307Removed \017 | $add_word "
::mysql::endquery $badword_handle
::mysql::close $badword_handle
}
}
#END BADWORDDEL NAMESPACE
}
#END ALL NAMESPACES
}
|
wrote this script works well as is.. i just wondered if there was anything i could maybe make better as i have only just got into coding
stores users on join and bad words into a mysql table also checks for bad words said on a channel, if one is said the bot kicks the user with the msg you added
ou need to be an @ in the channel you set, triggers are
-rehash requires you to be a bot master.
| Code: | -rehash *to rehash the bot*
/msg botnick -add badword some custom kick msg *to add a bad word*
/msg botnick -del badword *to remove a bad word*
|
_________________
NON geeky!! http://gotcode4u.com/ |
|
| Back to top |
|
 |
doggo
Halfop
Joined: 05 Jan 2010
Posts: 97
|
| Posted: Sat Oct 30, 2010 8:09 pm Post subject: |
|
|
| Code: | CREATE TABLE `CHANGE_THIS`.`bad_words` (
`bword` VARCHAR( 25 ) NOT NULL ,
`bkick` VARCHAR( 250 ) NOT NULL ,
KEY `bword` ( `bword` ) ,
KEY `bkick` ( `bkick` )
) ENGINE = MYISAM DEFAULT CHARSET = latin1; |
| Code: | CREATE TABLE `CHANGE_THIS`.`channel_users` (
`nick_id` INT( 25 ) NOT NULL AUTO_INCREMENT ,
`nick` VARCHAR( 35 ) NOT NULL ,
`title` VARCHAR( 200 ) NOT NULL DEFAULT 'Peasant',
`host` VARCHAR( 200 ) NOT NULL ,
`requests` INT( 100 ) NOT NULL DEFAULT '0',
`fills` INT( 100 ) NOT NULL DEFAULT '0',
`points` INT( 100 ) NOT NULL DEFAULT '0',
`leeched` INT( 25 ) NOT NULL DEFAULT '0',
KEY `nick_id` ( `nick_id` ) ,
KEY `leeched` ( `leeched` ) , |
_________________
NON geeky!! http://gotcode4u.com/ |
|
| Back to top |
|
|
caesar
Mint Rubber
Joined: 14 Oct 2001
Posts: 3741
Location: Mint Factory
|
| Posted: Sun Oct 31, 2010 5:10 am Post subject: |
|
|
You do realize that this script is not resources friendly due to it connecting to the database and check for each word every time a user says something in the channel? A better alternative would be either go for a flat file or sqlite3.
_________________
Once the game is over, the king and the pawn go back in the same box. |
|
| Back to top |
|
|
madpinger
Voice
Joined: 03 Oct 2010
Posts: 12
|
| Posted: Sun Oct 31, 2010 10:47 am Post subject: |
|
|
| caesar wrote: | | You do realize that this script is not resources friendly due to it connecting to the database and check for each word every time a user says something in the channel? A better alternative would be either go for a flat file or sqlite3. |
sqlite3 is <3, It's really nice. |
|
| Back to top |
|
|
nml375
Revered One
Joined: 04 Aug 2006
Posts: 2857
|
| Posted: Sun Oct 31, 2010 12:31 pm Post subject: |
|
|
Not to be rude, but the "less-than-optimal" resource usage is the least of concern with this script.
In essence, there are two flaws, of which one can be considered severe:
- You treat strings from untrusted sources as list. This is a bad practise, and will break the script on certain inputs.
Generally not exploitable.
- You perform no validation or sanitation of remote data inserted into your SQL-queries.
Thus, your script is vulnerable to Remote SQL-injection attacks. The script does not connect with multistatement support enabled, which does limit the impact of this poor coding. That, however, is not an excuse for not validating/sanitizing the data in the first place.
A few advices:
Read up on the mysql_real_escape() command (available through ::mysql::escape in mysqltcl) for protecting your queries against SQL-injections.
Consider keeping a single sql connection, and use this single one for each and all transactions, rather than dropping and reconnecting for every single query.
Read up on the differences between strings and lists in tcl. You'll probably find these commands useful as well: list, split, and join. Also remember that lindex does return a string (from a list), while lrange returns a list (a subset from a list).
_________________
NML_375, idling at #eggdrop@IrcNET |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
