GM:PreConCommand() and GM:PostConCommand()

[VaasKahnGrim]

two hooks for getting the moment before and after a ConCommand has been run in the players console. both hooks being able to see which player, the command and the args put into it.

[ThatLing]

What would you use this for?

[VaasKahnGrim]

for getting when a secific user has used a concommand and doing something just before and doing something after a user has used it.

Would be useful for blocking access to certain concommands that are written in the engine and not lua.

[thegrb93]

Pretty sure this has been requested since 2007 but was decided to not be a good idea.

[neico]

It's all well and funny until someone blocks rcon, rcon_password, kickid, kickip, kickall, banid, banip, sv_password, map and changelevel, no thank you. Not to mention the ability to spy on the args being entered so they can be sent to someone external.

[VaasKahnGrim]

maybe people should quit trying to enter in commands and variables they know they shouldn't be playing with

[thegrb93]

@VaasKahnGrim you misunderstood what he was saying.

[VaasKahnGrim]

it sounds like he's worried that somebody will see what commands and cvars he tries to set on clientside. but that would only be an issue of concern if somebody was messing with cvars and args that they weren't supposed to

[ThatLing]

Why am I not allowed to change the settings of my own game? Like neico said, being able to block concommands is a huge security risk. The only legit use for this that I can think of, is to detect cheats but this is such a stupid way to detect them.

[VaasKahnGrim]

ok, then if people are worried about their commands being blocked, make it where it can only see what the command was and who ran it but not prevent it from running or anything

[ThatLing]

What's the use case for this besides detecting cheats? (which, as i said, is a stupid way of detecting cheats)

[VaasKahnGrim]

Detecting people attempting to use RCON the moment they join, putting in a means of providing more infromation about default sorce engine commands(because valve decieded to keep descriptions too simple), user statists for things like user rate settings(because some people do change these on their end) and I'm sure quite a lot of other things aswell

[ThatLing]

Detecting people attempting to use RCON the moment they join

Why does this matter? Just disable rcon if you're so scared about it.

putting in a means of providing more infromation about default sorce engine commands

Again, why does this matter? If you want more info about certain commands, google them. Your players don't give a shit if you add more info to certain default concommands.

user statists for things like user rate settings

I have no clue what a user statists is but consider using cvars.AddChangeCallback to check players changing convars.

[VaasKahnGrim]

Disabling RCON is a given, its still useful to know of people attempting to use it. those are the people you'd want to keep an eye on.

putting in the additional information on default commands ise useful to both players and staff btw(better to NOT make your team each have to go through google to learn individual commands)

as for statistics cvars callbacks are fine and dandy, but that doesn't really help when its not a cvar thats been used in console

[robotboy655]

Similar requests https://github.com/Facepunch/garrysmod-requests/issues/1135 https://github.com/Facepunch/garrysmod-requests/issues/1038

[GitSparTV]

This looks like a security issue if the hook won't have any whitelisted concommands

[mgetJane]

if it's a security risk for stuff like rcon_password or whatever, can this be added for lua concommands at least?

or something similar to cvars.AddChangeCallback for lua concommands since the only way for multiple addons to "hook" to the same command isn't very elegant right now

afaik this can be done entirely within lua