Blockland Forums > Suggestions & Requests
callservercommand event- except it is for the host only
xSetrox:
/title
The reason the callservercommand event was failed was because it had no protection and anyone, even non-admins, could use it.
So, can someone make it work for the host only?
Thanks.
Greek2me:
I have something waiting to be approved right now: http://forum.returntoblockland.com/dlm/viewFile.php?id=5384
Once it gets released I can add that to it.
--- Quote from: RTB Description ---Includes these output events:
[*]Server -> loadSaveFile Allows for a save file to be loaded. You can specify the file name and ownership.
[*]Server -> clearAllBricks Clears all bricks in the server. In conjunction with loadSaveFile, this can be used to reset a map.
[*]Server -> echo Prints an echo to the console.
[*]Server -> warn Prints a warning to the console.
[*]Server -> error Prints an error to the console.[/list]
Please note: All events are host-only.
Feel free to submit ideas for additional server events!
--- End quote ---
Who Cares99:
--- Quote from: Badspot on January 22, 2014, 11:02:31 PM ---Even if it was host only it's still a tremendously bad idea because malicious scripts could be embedded in save files.
--- End quote ---
I don't quite understand how this would be a huge threat with this mod, but it's what badspot said to the exact same suggestion as this.
(The original post didn't say to make it host only but it did in the thread)
Badspot:
A white listed series of specifically implemented events (like greek2me's post) is the way to do this.
If you allow complete access to any servercmd, then malicious saves could be created that ban players, change the admin password, restart the server, who knows what. There's also unforeseen interactions with future add-ons that implement new servercmds. Stick to implementing specific events, not exposing script access.
Who Cares99:
--- Quote from: Badspot on January 23, 2014, 01:27:43 AM ---A white listed series of specifically implemented events (like greek2me's post) is the way to do this.
If you allow complete access to any servercmd, then malicious saves could be created that ban players, change the admin password, restart the server, who knows what. There's also unforeseen interactions with future add-ons that implement new servercmds. Stick to implementing specific events, not exposing script access.
--- End quote ---
That would be cool as long as you don't need to know how to script to add your own commands. It doesn't necessarily need to be an in-game method of doing it but it should be as simple as just typing the command in the right place.