From 2b2391ab74a9fa4d0eaa1a075923bfc6844fb2a8 Mon Sep 17 00:00:00 2001
From: Rudolf Polzer <divverent@alientrap.org>
Date: Sat, 7 May 2011 21:13:38 +0200
Subject: [PATCH] turn off clientcommand whitelisting

whitelisting breaks FTEQW; instead, we now lowercase the command to get rid of possibly sAY exploits
---
 qcsrc/server/clientcommands.qc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/qcsrc/server/clientcommands.qc b/qcsrc/server/clientcommands.qc
index 922b846be..40e0fcd46 100644
--- a/qcsrc/server/clientcommands.qc
+++ b/qcsrc/server/clientcommands.qc
@@ -129,7 +129,7 @@ void SV_ParseClientCommand(string s) {
 
 	tokens = tokenize_console(s);
 
-	cmd = argv(0);
+	cmd = strtolower(argv(0));
 	if(cmd != "reportcvar")
 	if(cmd != "sentcvar")
 	if(cmd != "pause")
@@ -362,6 +362,7 @@ void SV_ParseClientCommand(string s) {
 		sprint(self, cvar_purechanges);
 	} else if(CheatCommand(tokens)) {
 	} else {
+#if 0
 		//if(ctf_clientcommand())
 		//	return;
 		// grep for Cmd_AddCommand_WithClientCommand to find them all
@@ -387,6 +388,7 @@ void SV_ParseClientCommand(string s) {
 			print("WARNING: Invalid clientcommand by ", self.netname, ": ", s, "\n");
 			return;
 		}
+#endif
 
 		if(self.jointime > 0 && time > self.jointime + 10 && time > self.nickspamtime) // allow any changes in the first 10 seconds since joining
 		if(cmd == "name" || cmd == "playermodel") // TODO also playerskin and color?
-- 
2.39.2