Openaura exploit fix... /charphysdesc ~, ~safeboxcash~:amount

Sorry that this is my second question in a day folks!

I have been told off the exploit in phasefour which occurs similar to this…


/charphysdesc ~, ~safeboxcash~:amount, ~a~:~b

Essentially you change your /charphysdescription to access the SQL. How would I go about blocking this? I know it’s possible but I have no idea where to start!

If this exploit relies on the ~ character, just string.gsub for it before you do anything else.

text = string.gsub(text, “~”, “notildeforyou”)

Thanks mate.

This was fixed months ago.