// sv_user.c -- server code for moving users
#include "quakedef.h"
-
-cvar_t sv_edgefriction = {0, "edgefriction", "2", "how much you slow down when nearing a ledge you might fall off"};
-cvar_t sv_idealpitchscale = {0, "sv_idealpitchscale","0.8", "how much to look up/down slopes and stairs when not using freelook"};
-cvar_t sv_maxspeed = {CVAR_NOTIFY, "sv_maxspeed", "320", "maximum speed a player can accelerate to when on ground (can be exceeded by tricks)"};
-cvar_t sv_maxairspeed = {0, "sv_maxairspeed", "30", "maximum speed a player can accelerate to when airborn (note that it is possible to completely stop by moving the opposite direction)"};
-cvar_t sv_accelerate = {0, "sv_accelerate", "10", "rate at which a player accelerates to sv_maxspeed"};
-cvar_t sv_airaccelerate = {0, "sv_airaccelerate", "-1", "rate at which a player accelerates to sv_maxairspeed while in the air, if less than 0 the sv_accelerate variable is used instead"};
-cvar_t sv_wateraccelerate = {0, "sv_wateraccelerate", "-1", "rate at which a player accelerates to sv_maxspeed while in the air, if less than 0 the sv_accelerate variable is used instead"};
-cvar_t sv_clmovement_enable = {0, "sv_clmovement_enable", "1", "whether to allow clients to use cl_movement prediction, which can cause choppy movement on the server which may annoy other players"};
-cvar_t sv_clmovement_minping = {0, "sv_clmovement_minping", "0", "if client ping is below this time in milliseconds, then their ability to use cl_movement prediction is disabled for a while (as they don't need it)"};
-cvar_t sv_clmovement_minping_disabletime = {0, "sv_clmovement_minping_disabletime", "1000", "when client falls below minping, disable their prediction for this many milliseconds (should be at least 1000 or else their prediction may turn on/off frequently)"};
-cvar_t sv_clmovement_waitforinput = {0, "sv_clmovement_waitforinput", "16", "when a client does not send input for this many frames, force them to move anyway (unlike QuakeWorld)"};
+#define DEBUGMOVES 0
static usercmd_t cmd;
-
/*
===============
SV_SetIdealPitch
// noclip
VectorCopy (wishvel, host_client->edict->fields.server->velocity);
}
- else if (onground && (!sv_gameplayfix_qwplayerphysics.integer || !(host_client->edict->fields.server->button2 || !((int)host_client->edict->fields.server->flags & FL_JUMPRELEASED))))
+ else if (onground && (!sv_gameplayfix_qwplayerphysics.integer || !host_client->edict->fields.server->button2 || !((int)host_client->edict->fields.server->flags & FL_JUMPRELEASED)))
{
SV_UserFriction ();
SV_Accelerate ();
the angle fields specify an exact angular motion in degrees
===================
*/
-extern cvar_t sv_playerphysicsqc;
void SV_ClientThink (void)
{
vec3_t v_angle;
void SV_ReadClientMessage(void)
{
int cmd, num, start;
- char *s;
+ char *s, *p, *q;
//MSG_BeginReading ();
sv_numreadmoves = 0;
break;
case clc_stringcmd:
+ // allow reliable messages now as the client is done with initial loading
+ if (host_client->sendsignon == 2)
+ host_client->sendsignon = 0;
s = MSG_ReadString ();
+ q = NULL;
+ for(p = s; *p; ++p) switch(*p)
+ {
+ case 10:
+ case 13:
+ if(!q)
+ q = p;
+ break;
+ default:
+ if(q)
+ goto clc_stringcmd_invalid; // newline seen, THEN something else -> possible exploit
+ break;
+ }
+ if(q)
+ *q = 0;
if (strncasecmp(s, "spawn", 5) == 0
|| strncasecmp(s, "begin", 5) == 0
|| strncasecmp(s, "prespawn", 8) == 0)
Cmd_ExecuteString (s, src_client);
break;
+clc_stringcmd_invalid:
+ Con_Printf("Received invalid stringcmd from %s\n", host_client->name);
+ if(developer.integer)
+ Com_HexDumpToConsole((unsigned char *) s, strlen(s));
+ break;
+
case clc_disconnect:
SV_DropClient (false); // client wants to disconnect
return;
projects / xonotic / darkplaces.git / blobdiff