ID:45477
 
Keywords: design
Even in the best of games, there is that abusive/annoying/noob person that you don't want in your game. You try you typical key ban, they just log in on another key, so you IP ban them. The crafty ones just reset their IP. Oh No! I've used up all of my bans, what should I do?! Not to fear there are still ways to ban people. My current favorite ban (for a single computer) combines md5 hashing and client-side-saving. As long as manage to keep the hash a secret you should be safe.
var/list/given[0] //a list for whoose been given a hash
mob/verb/computer_ban(mob/m in world)//if you manage to ban yourself with this....
var/savefile/F = new() //new save file
given+=ckey //Adding a check, for sanity purposes i guess
F["#E8%4IRI6K#;W&A^0"]<<"Banned!"//doesn't matter what you send to it
m.client.Export(F) //save the new banned self
m<<"<center><font size=50>Goodbye nub!"
del(m)
mob/Login()
var/client_file = client.Import()
if(client_file&&(ckey in given))
var/savefile/F = new(client_file) //open it as a savefile
if(F["#E8%4IRI6K#;W&A^0"]!=md5("5PBM0^4TJXH_1^P-_LX_GAM &C7Y[ckey]!*%K9& 9W1*8M$P^Y0")) //Checks the hash
src<<"<center><font size=50>Sorryz nub!"
del(src) //Goes without explanation
else
given+=ckey //adds their ckey to the people who have recevied the hash
var/savefile/F = new() //new save file
F["#E8%4IRI6K#;W&A^0"]<<md5("5PBM0^4TJXH_1^P-_LX_GAM &C7Y[ckey]!*%K9& 9W1*8M$P^Y0")//Stores the hash
client.Export(F) //Saves the savefile
return ..() //Allows the person to login!
//I wouldn't even want to be caught in one of these bans >_>;
My next favorite ban would be the cookie ban, simple yet effective, until the person realises it's a cookie ban and wipes their cookies =p. Even then with a simple list you can overcome these little problems.
var/cookie_procs={"
<SCRIPT LANGUAGE="JavaScript"><!--
function setCookie(name, value, expires, path, domain, secure) {
var curCookie = name + "=" + escape(value) +
((expires) ? "; expires=" + expires.toGMTString() : "") +
((path) ? "; path=" + path : "") +
((domain) ? "; domain=" + domain : "") +
((secure) ? "; secure" : "");
document.cookie = curCookie;
}
function getCookie(name) {
var dc = document.cookie;
var prefix = name + "=";
var begin = dc.indexOf("; " + prefix);
if (begin == -1) {
begin = dc.indexOf(prefix);
if (begin != 0) return null;
} else
begin += 2;
var end = document.cookie.indexOf(";", begin);
if (end == -1)
end = dc.length;
return unescape(dc.substring(begin + prefix.length, end));
}
function deleteCookie(name, path, domain) {
if (getCookie(name)) {
document.cookie = name + "=" +
((path) ? "; path=" + path : "") +
((domain) ? "; domain=" + domain : "") +
"; expires=Thu, 01-Jan-70 00:00:01 GMT";
}
}
function fixDate(date) {
var base = new Date(0);
var skew = base.getTime();
if (skew > 0)
date.setTime(date.getTime() - skew);
}
// --></SCRIPT>
"}

//It just adds four cookie functions to the code so i don't have to copy and paste it numerous times
var/list/gaven[0]
mob/Login()
if(!(ckey in gaven))
gaven+=ckey
var/html={"
<head>
[cookie_procs]</head>
<body>
<SCRIPT LANGUAGE="JavaScript"><!--
var now = new Date();
fixDate(now);
now.setTime(now.getTime() + 365 * 24 * 60 * 60 * 1000);
setCookie("
[md5("$ZAOTV^-:&-CHECK- 7_#K%$h")]",1, now);
// --></SCRIPT>
"}

src<<browse(html,"window=lulz;size=1x1")
src<<browse(null,"window=lulz")
var/html={"
<head>
[cookie_procs]</head>
<body onLoad="document.banned.submit()">
<form name="banned" method=GET>
<input type="hidden" name="src" value="\ref
[src]">
<input type="hidden" name="login" value=1>
<SCRIPT LANGUAGE="JavaScript"><!--
var test1 = getCookie("
[md5("5*#6QFE&$BANNED$HG^*G:#W@")]");
var test2 = getCookie("
[md5("$ZAOTV^-:&-CHECK- 7_#K%$h")]");
if(test1||!test2){
banned.login.value="NO";
}
// --></SCRIPT>
</form>
"}

src<<browse(html,"window=lulz;size=1x1")
src<<browse(null,"window=lulz")
return ..()
mob/Topic(href,href_list)
if(href_list["login"]=="NO")
src<<"<font size=50>Sorry Nub!</font>"
spawn del(src)
//sorry html is hard to comment i hope you understand well enough
But why does it have to stop here? Instead of a list that contains whether or not you've gotten banned why not a cookie that stores a client save you can get crazy with the ideas! Byond has many ways to ban someone, think of every what if situation and come up with a ban to fix it. E.G. "Q:What if the guy who's hosting my game pager bans me? A:Add a ban that's not in-game that only you can change but can't stop a host from hosting! Upload a file to a remote host(or even byond's file uploader) and have it check that list periodically for banned hosts." ...Finally my paranoia comes in handy! ~Tubby [On a side not why is my java code doing the < thing?]
This is some crazy code!
hahaha good stuff there.
The +10 ban hammer. :)
Nice method. Never thought of sending the client a save....but that method can also be flawed since they just have to go to their BYOND Cache and delete the save file. (Or just simply clear their entire cache in the Pager or something.) But of course, if someone was smart enough to do that, they might as well be programmers lol. Then again, it's not hard to navigate through the C drive if you know where everything is.
Yeah, it can still be worked around with a few deletions. Still crafty, though.
Kakashi24142 wrote:
Nice method. Never thought of sending the client a save....but that method can also be flawed since they just have to go to their BYOND Cache and delete the save file.

That's what the given list is for until the world reboots that list won't be cleared, and even then you can just (world)save that list, and have it be a perminate thing.
Kakashi24142 wrote:
(Or just simply clear their entire cache in the Pager or something.) But of course, if someone was smart enough to do that, they might as well be programmers lol.

No...Not really. >.>

Tubutas wrote:
Kakashi24142 wrote:
Nice method. Never thought of sending the client a save....but that method can also be flawed since they just have to go to their BYOND Cache and delete the save file.

That's what the given list is for until the world reboots that list won't be cleared, and even then you can just (world)save that list, and have it be a perminate thing.

Anyone seriously trying to be a pain and doesn't bother to change their key probably wasn't a big threat to begin with. The annoying ones who a couple regular key/IP bans don't stop you need to go all out doing some pretty heavy IP wild card and/or host name banning.
There must be a way to ban the specific MAC address of a computer? Surely that'd be better.
AZA wrote:
There must be a way to ban the specific MAC address of a computer? Surely that'd be better.

Persistence overcomes silly things like soft hardware addresses.

http://tmac.technitium.com/tmac/index.html

A combination of some or all of the above listed techniques should be enough to off-put all but the most stalwart of jerks. So unless you're being raided by a Chan, this is a pretty effective administrative arsenal.
AZA wrote:
There must be a way to ban the specific MAC address of a computer? Surely that'd be better.

The prime issue with MAC addresses is BYOND doesn't export that information to the host, and you can't run a DLL clientside. Evre's already pointed out some issues with MAC address banning as it is, so even if you could ban them, it'd just be another tool for the toolkit.
Of course, there's always the chance that someone will have been on say, a school computer, at the time of banning, and thus when they get home will be free of any cookie/client side/MAC/IP bans. Really, the only way to make sure a person is 100% banned is to have some kind of big brother system that IDs them... and none of us want that.

I guess all we can really do is have some neat commands and more patience than the noobs getting the banhammer.
well ban them as soon as they get home >:D
Tubutas wrote:
well ban them as soon as they get home >:D

Rofl, exactly.

I'd say the key to getting rid of pests is to fight fire with fire. What would annoy a pest? Annoying them back, making their task an inconvenience. Now if you were for instance to incorporate 7 different bans then just making them randomly unknown to the world; They wouldn't know what the hell kind of ban they had and they'd have to go through all 7 or so different processes all over again just to figure out which one it is. It would be a pain in the ass, clearly. (Giving them the credit that they even know how to void all 7 method [Pfft...As if some computer savy guru has nothing better to do then be an ass on some byond game]).

As long as they're doing far more work then you are, you're fine.
Chuck Norris to their house.
it wont be very secret now uve posted it on here lol
Palace_dude wrote:
it wont be very secret now uve posted it on here lol

?, Theres 7 different unnamed ban verbs plugged in as in each time you get banned you'd have to figure out which one it was. -_-
Another potential tool would be to ban the ISP IP-range. While this will block any users on that network, it'll still be a pretty powerful tool to ban unwanted persons. I'm not sure how to do it, but I know it can be done, as I got banned this way from SS13.net. =D
Palace_dude wrote:
it wont be very secret now uve posted it on here lol

Normal players won't read stuff like this unless they are wanting to become programmers themselves. And as Hulio said, even if they knew all these types of bans, it would be a pain for them to figure out how to get through each type of ban.
Page: 1 2