Name Exploit Fix.. Any bugs?

Here it is:

[lua]
function FindExploitPatterns( txt, pattern, start )
return string.sub( txt, string.find( txt, pattern, start ) )
end

function FixExploitableNames( pl )
if FindExploitPatterns( pl:Nick(), “[%;%”%’%/]" ) then
pl.PlayersNewName = string.gsub( pl:Nick(), “[%;%”%’%/]", “”)
end
end
hook.Add( “PlayerInitialSpawn”, “NameExploitFix”, FixExploitableNames )

local meta = FindMetaTable( “Player” )

meta.SteamName = meta.Name
meta.Name = function( self )
if self.PlayersNewName then
self:ChatPrint( “Your name includes one of the invalid characters (; " ’ /). These characters have been removed from your name.” )
return self.PlayersNewName
else
return self:SteamName()
end
end
meta.Nick = meta.Name
meta.GetName = meta.Name

meta = nil
[/lua]

It is located in garrysmod/gamemodes/sandbox/gamemode and is added to the init.lua to be included.

It doesn’t work. Any bugs?

[editline]04:03PM[/editline]

P.S. I’m new to string formatting.

The markup in your post should give you the answer, you’re not escaping your strings properly

[Escaping

http://wiki.garrysmod.com/favicon.ico](http://wiki.garrysmod.com/?search=Escaping)

Or if you can’t be bothered try encompassing your strings with double brackets like these : []

Ok, I edited it, look fixed now?

[editline]04:10PM[/editline]

Btw, should I keep the %s at the beginning or change them?

Eh, how about you just make scripts that can’t be exploited, other then trying to make a fix for a exploit that can be exploited?

tmysql.escape

Well, sir, how about you learn that it could not only be my scripts. Which is why I am making this thing in the first place.

Escaping has nothing to do with his problem. The problem is that he is trying to use string.sub which is used to cut a string at a point in order to return a Boolean. Instead, by the way Lua’s if statements work, the function would always return a string, and Lua would always check and see if it was nil or not, causing the if to be true and the entire script to fail. Consider fixing that :v:

Don’t run those scripts then.