mangos-mirror/server
0
0
Fork 0
mirror of https://github.com/mangosfour/server.git synced 2025-12-22 13:37:08 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[7046] Do more security level checks in commands using HasLowerSecurity. Make use .account set addon safe for players.

Browse source
This commit is contained in:
VladimirMangos 2009-01-07 17:47:57 +03:00
parent d12944d8f2
commit cc5fc88fb2
7 changed files with 66 additions and 92 deletions
Download patch file Download diff file Expand all files Collapse all files

17
src/mangosd/CliRunnable.cpp
View file

@ -80,19 +80,10 @@ bool ChatHandler::HandleAccountDeleteCommand(const char* args)
}
/// Commands not recommended call from chat, but support anyway
if(m_session)
{
uint32 targetSecurity = accmgr.GetSecurity(account_id);
/// can delete only for account with less security
/// This is also reject self apply in fact
if (targetSecurity >= m_session->GetSecurity())
{
SendSysMessage (LANG_YOURS_SECURITY_IS_LOW);
SetSentErrorMessage (true);
return false;
}
}
/// can delete only for account with less security
/// This is also reject self apply in fact
if(HasLowerSecurityAccount (NULL,account_id,true))
return false;
AccountOpResult result = accmgr.DeleteAccount(account_id);
switch(result)