22.08.2004 2.50.60 Changes/Additions: * Added a 64bit Linux version for AMD64.

The 64bit version uses 64bit scrip t binaries which are not compatible with 32bit script binaries. They have the file extension .amx64. To compile for Linux 64bit, a new compiler is used: sc64. The compile and compile_all scripts have optional -32 and -64 switches to explicitely choose the compiler (for cross-compiling). * Revised Windows installer install_admin.vbs to properly detect new Steam accounts and have a more consistent user interface. Works with CS:CZ Retail version. A missing listenserver.cfg is now automatically created b y * * * * * s listenserver support. * Added format directives 'l' and 'h' for snprintf() to specify long or short values. Useful on AMD64 systems. See a Linux man page or MSDN help page for a description. * Revised plugin_CS: + Added possibility to delete previously saved map and server default restrictions. Command-syntax is admin_restrict delete map/default + Added console/screenmessage when saving/deleting default restrictions. Before you couldn't see that anything happened at all. + Added a submenu to the restrictionmenu "Restrictions defaults" wich can save, delete and apply the map and server default restrictions. + Fixed a bug where admin_restrict listed the longer list of items/weapon s (restricted or available) instead of the shorter one. + Improved version detection, using the new cvar_exists() function. + Implemented team- and playerspecific restrictions. New CVARs: * mysql_port to set the port of the MySQL server if it differs from the default port. (Patch #888683, by Indan Zupancic) Bug Fixes: * Fixed some issues in listenserver user detection. * Fixed an exploit in admin_passwd. * Fixed an exploit on servers with amv_private_server set. Users could join a server under their registered name and then change their nickname to an unregistered name without getting kicked. the installer. The uninstaller has been updated accordingly. Added cvar_exists() scripting function to check if a cvar exists or not. The function returns 1 if a cvar exists, 0 if not. (Patch 908067 by Kevin Masterson. Added get_timer() scripting function. It returns a value describing the status of the timer index passed in. Added valid_mapex() scripting function. It allows the valid map check to bypass the map.ini check and just check for the existance of the map. Admin Mod is now unloadable at any time. It is still only loadable on server start, though. Allow the use of the loopback IP 127.0.0.1 in the users.ini file. Improve

* Fixed rare crashes due to NULL pointer access when starting plugins. * Fixed the server crashing instead of exiting cleanly when Admin Mod calls exit during startup, e.g. because the scripting engine could not be loade d. 04.01.2004 2.50.59 Changes/Additions: * Added motd() scripting function to display a message of the day window. * Added admin_motd command to plugin_base. * Users starting a Windows listenserver will automatically be authenticated and do not need to provide a password anymore. Access levels for reserved slot and reserved nickname are granted by default. All other access levels depend on an entry in the users.ini file. Bug Fixes: * Revised version of plugin_CS. * Fixed dll version checking for Linux installer on systems without 'ident' and 'strings'. * Make free slots reporting recognise changes to reserve_type. * Fixed kicks not getting executed correctly. 05.10.2003 2.50.58 Changes/Additions: * Reserved nicknames, reserved slots and private servers work correctly with Steam servers. This means full Steam support now. * Fixed the problem of admins losing access rights upon mapchange. * The plugin_info() function is no longer triggered in plugins before the plugin_connect() function is called for a connecting player. * Added support for #include directive to .ini config files which will include another config file. The filename must be enclosed in double quotes ("") or angular brackets (<>). When using #include "file" the file is searched relative to the directory that the including file is in. When using #include <file> the file is searched relative to the MOD directory (e.g. cstrike). The former version is probably easier for most users. Added support for loading plugins from a directory either by specifying a directory name in the plugins.ini file or by using a directory name in admin_plugin_file. All files that end in .amx are loaded from the directory in alphabetical order. To prevent a file from loading, simply add .noload to the end of the filename. A PostgreSQL version of Admin Mod is now available, donated by Idy and AKP. Allow for no plugins being loaded. A warning will still be written to the logs in case this wasn't what the admin intended. Added admin_cmd as a shorter version of admin_command. Both can be used. Made admin_version directly accessible from the server console. CS timelimit reporting is now accurate under Windows, too, for CS 1.6. This does not work with CS 1.5, where timelimit may still be off under Windows. Changed selfmessage() message buffer size to LARGE_BUF_SIZE. Reformatted userlist() output, added access right and immunity status.

* * * * * * *

* Changed plugin_CS to work with CS 1.6. Weapon restriction function has been changed considerably. Settings can be made permanent from the console, admin_restrict can be used with weapon names. New CVARS: * Read-only cvar ami_sv_maxplayers: contains the server's original maxplayers value. Can be used by third party server browsers. * PostgreSQL version: pgsql_database pgsql_dbtable_ips pgsql_dbtable_models pgsql_dbtable_plugins pgsql_dbtable_users pgsql_dbtable_tags pgsql_dbtable_words pgsql_host pgsql_port pgsql_pass pgsql_user pgsql_preload pgsql_users_sql pgsql_tags_sql The pgsql_port cvar specifyies the port of the PostgreSQL server. For a local server using Unix Domain Sockets instead of TCP/IP the local UDS file is used, e.g. pgsql ".s.PGSQL.5432" with pgsql_host "/tmp". All other cvars work like their MySQL counterparts. Bug Fixes: * Fixed admin_tsay and admin_csay commands so that say text doesn't have to be enclosed in quotes. * Another fix to the strbreak() scripting function. * Fixed docpath and Specify() bugs in Win32 installer. * Do not run plugin_info() for a kicked player. * Fixed bug with CS timelimit not working correctly with Linux server. * Fixed Linux version of Small compiler to handle DOS files and work when no PWD envvar is set. * Fixed exploit which would allow players to switch their name to a reserved IP and gain access rights associated with that IP. * Fixed free/reserved slot reporting to be more robust. * Fixed exploit in plugin_antiflood. * Have "" be accepted as "undefined" in adminmod.cfg for all file and string cvars. * Fixed reject and kick messages to work with old and new clients. 15.07.2003 2.50.56 Changes/Additions: * Many xxxsay commands can now wrap too long lines on the fly to prevent clients from crashing. * Made fade-in time for centersay half the display time. * Added scripting function centersayex() which prints centersay() text to only one user exclusively. * Updated Small language version to 1.8.4. * Added MD5 hashes as an encryption method for passwords. * New semantic for the encrypt_passwords CVAR, it now takes four possible

* * * * * *

* * * *

values: 0: no encryption 1: encrypt using Unix crypt() 2: encrypt using MD5 hashes 3: encrypt using MySQL PASSWORD() (MySQL version only) The crypt() and MD5 encryption are available in both Linux and Windows versions, the MySQL PASSWORD() method is only available in the MySQL version of Admin Mod. The mysql_usePASSWORD cvar was obsoleted by the new encrypt_password settings and has been removed. Admin Mod can now convert script binaries between Windows and Linux format on the fly during loading. Changed admin_password command to admin_login command. Made diagnostic output displayed to the admin while connecting more verbose to make the login process more transparent to the user. Added parameter to get_userIP() scripting function which can be used to get the client port returned. Added support for DoD Retail and Steam clients. Admin Mod does now support Valve and Steam Ids. Both the new and the old Valve/Steam Id formats are supported. Valve/Steam Ids are added to the users.ini file without escaping the colons. Added ADMINMOD_VERSION #define to admin.inc include file. It can be used to check for the AM version of the include files in scripts. Updated Windows installer to work with DoD Retail installations. If Admin Mod cannot find the admin_plugins_file CVAR defined it will attempt to load the adminmod.cfg file from the addons/adminmod/config directory. Removed client say "I'm free, I'm free" from admin_unbury command.

New CVARS: * mysql_database: (default "") This cvar can be used to preselect the database that Admin Mod should connect to instead of specifying it in the mysql_dbtable_* cvars. So instead of using mysql_dbtable_users "amdb.users" mysql_dbtable_words "amdb.words" one can choose to use mysql_database "amdb" mysql_dbtable_users "users" mysql_dbtable_words "words" Bug Fixes: * Fixed a bug where the installer would choose to install a new line in liblist.gam instead of activating an existant inactive one. * Disabled port comparison for authenticating reconnecting users since the port may change due to NATed connections. On LANs the port is still checked. * Fixed a bug in MySQL PASSWORD encryption, causing Admin Mod losing snyc with the database server under certain circumstances. * Fixed bug in admin_ban, preventing it from banning by IP correctly. * Added workaround for broken kick command in 3111 server versions. * Fixed strbreak() scripting function. * Fixed numerous small bugs in the Windows installer. * Fixed a few minor bugs in the Linux installer. Better handling when run under Bash version 1. * Fixed potential buffer overflow due to wrong snprintf() usage. * Fixed reject message to get properly displayed in the message box of DoD

Retail and Steam clients. * Fixed ban() function to work with DoD Retail servers. Tools: * amxconvert: Added support for AMX file version 5 (from 1.8.4). * encrypt: Added a new commandline tool "encrypt" to encrypt passwords with either Unix crypt() or MD5. 21.03.2003: 2.50.52 Changes/Additions: * Added bBanBoth option to ban() function which will ban both ID and IP when provided with a name or ID. * Added sm_reg as registered command for exec() * Moved client_exec notice to post function to get it displayed last. * Removed 'unbindall' from allowed execlient() commands. * Added default value (0) for amv_private_server * Changed sqlPASSWORD to me OFF by default * Changed say() message in admin_slayteam to say "Team xy was struck down..." instead of a player name. Could also be changed to list all players on that team, but that may flood the clients. * Made the meta-interface mismatch message an INFO message and more precise. Bug Fixes: * Fixed exploit: LogPrintf() was used with a supplied string as format string, allowing a format exploit. * Fixed client exploit: We do now replace non-printable characters with '.' for admin commands and strings sent to a client via ClientPrint(). This is in order to screw hack code. Still not a safe solution against this exploit but that can only be implememted on a client. It has nothing to do with Admin Mod. * Fixed not being able to use Steamids in the password column in users.ini, which is necessary to link a name to a Steamid. * Stop server from crashing when running a timer without the timer entity being present. * Stop plugins killing another plugin's timer. * Fixed bug in filesize() where a line was counted multiple times when it was longer than BUF_SIZE. * Fixed bug in writefile() messing up EOLs under Win32. * Fixed a bug crashing a server when the mySQL PASSWORD() returned a NULL pointer. * Fixed typo in CVar name which prevented mySQL PASSWORD() encryption from working. * Fixed bug loading AMX DLL from Win32 network drive. * Fixed a bug in admin authentication code. * Linux installer: Fixed bug not detecting MM version when it had no patch number. Fixed problems with Bash under FreeBSD. Tries to remember the server directories it has already installed to. Tools: * amxconvert: CLI: quit if both -u and -w are used.

* amxconvert: Added Windows CLI version. 21.10.2002: 2.50.50 Changes/Additions: * Added customized libc functions for efficiency. * New scripting functions: get_userFrags(), get_userHealth(), get_userTeam(), get_userArmor(). * Added the option to use an IP in the users.ini file to grant access rights by IP. * Script functions called from plugin_init() or as the result of a vote will be called with access rights of the server console. * Changed DLL/DSO loading mechanism. The amx_admin.dll/.so will be loaded from the same location as the admin_MM DLL/DSO and can thus be moved out of the /dlls directory, too. * mySQL: Changed name of mySQL version DLL to admin_MM_mysql.dll. * mySQL: Added possibility to use the mySQL PASSWORD() function to encrypt passwords in the users/tags/models table. To switch from crypt() to PASSWORD() encryption, set mysql_use_sqlPASSWORD to 1. * Added Steamid support. See Note about mySQL usage below. * Changed to static linkage with libstdc++. * Changed team lookup. Spectators will now be reported to be in team TEAM_SPECTATOR and HLTV proxies will be reported to be in team TEAM_PROXY. * Added (BETA!) functionality to check for missing/broken entities. This is not a problem of Admin Mod but we may still be able to gather information for VALVe. Adding "melog1" to amv_beta_enable will switch on checking and logging of broken entities. Adding "mefix1" will attempt to fix them. A fix can also be triggered from during the game by using "admin_adm mefix". * Added a warning in the log when a plugin cannot register all of its native functions. * A vote no longer accounts for bots when admin_bot_protection is on. * Match a player not only by IP but also by port when re-authenticating him. * Better debug info for checking lost permissions on mapchange (hopefully). * Corrections made to make nextmap() more accurate. Works only when maps are changed with admin_ commands. * Changed player lookup in order to prevent exploits where players use the wonid of an admin as their name. Numbers to admin_commands can be escaped with a backslahs to prevent them from being interpreted as a name. * Added console message to clients when connecting to a server with allow_client_exec enabled. * Made leading underscore compulsory for password_field values Bug Fixes: * Fixed a bug kicking players with ';' in their nicks. * Username length set to match engine limit of 33 chars. * Fixed security hole in exec() scripting function. It does not allow unquoted semicolons anymore, nor the use of 'admin_command'. The following exception applies: strings starting with "logd_reg" or "sm_register" are allowed to contain "admin_command". This is to allow registering commands for LogD and StatsMe to work.

* * * * * * * * * * * * * *

Additional commands can be added for other third party MM plugins with the amv_register_cmds CVAR. Fixed a bug in the AM timer code. Fixed a bug causing player nicks starting with a number to be mistaken for a sessionid or wonid. Obsolete CVAR password_timeout removed. Fixed a bug that prevented the use of empty passwords in users.ini. Fixed a bug in player lookup function. Fixed a bug counting connected players incorrectly and thus filling reserved slots. Fixed playerinfo() function writing to default values of optional parameters. Changed users.ini parsing function not to bail out if a line with an entry ends with an comment. Fixed "Unknown command" message when executing a command without proper access permissions. Fixed a memory leak in the Small AMX which would result in heap-stack collisions. Fixed get_userorigin() to not print debug messages to the client. Fixed that the Highlander was not reevaluted when the current Highlander left the server. admin_reload did not have an immediate effect on connected player access rights. Removed stray line-endings from commands passed to plugins.

New CVARS: * amv_log_passwords: (0/1, def:0) If set to 0, passwords will not be logged in cleartext by debug messages. * amv_register_cmds: Space separated list of registering commands similar to "logd_reg" of LogD and "sm_register" of StatsMe to allow the use of "admin_command" with the exec() scripting function. * mySQL: mysql_use_sqlPASSWORD: (0/1, def:0) If set, passwords will be encrypted with the mySQL PASSWORD() function. * amv_vote_duration: (def:30) Controls how long a voting session takes. * amv_enable_beta: to enable various beta options disabled by default.

30.01.2002: 2.50.26 Changes/Additions: * Changed authentication checks: if the "username" field from the users.ini is a valid integer it ONLY allows for WONID checks (to stop players having their name the same as a valid wonid and stealing the password). * Added linkage between reserved nickname and WONID. When a nickname gets reserved with rights -16384 in users.ini and the password is the WONID then only this WONID can use the nickname. The password provided by the client is not checked. * Converted directmessage() function to print to the chat area. This corrects the spamming changes to be visible to clients without having to be in the console.

* Changed command line parsing to preserve quotes. * Added the Directmessage function to send messages to clients who are connecting and cannot be looked up normally. * admin_ban will ban by IP if sv_lan is set to 1. * Added execclient_all() function. * Added admin_dmesg() command * ban() now takes three parameters. It is possible to ban by IP or ID. * Switched from an allow-list to a deny-list for exec_client(). * Removed checks for spectator and proxy since this was fixed in an update from Valve. * Added private server mode where only users authenticaed users can join. * Added code to help with Admin's getting dropped at map change. * plugin_CS.sma: Disabled name changes for dead players. * Added a parameter to changelevel() which will send the client to the intermission x seconds before the map is changed. * Moved the ChangeMap() function to adminlib.inc since it gets used by the dll currently. This way every plugin including adminlib.inc can use the changelevel() function. * Disable ability for players to change names when dead. Now changes names back for them. * Moved admin_dmesg from plugin_message.sma to plugin_base.sma * plugin_CS.sma: Disable "showbriefing" when restrictions are enabled. * Added admin_banip

Bug Fixes: * Updated prototype declaration of auth() in admin.inc to correct default value. * Fixed bug causing writeip not getting executed in ban(). * Fixed banning by IP in ban(). It did not call banip with the time which made banip fail. * Fixed Csay, it now >= tests line lengths. Messages of exactly 80 chars will not be allowed rather then simply not working. * Fixed crashes when clients connected. * Fixed bugs in reserved slot hiding. * Fixed bug in mysql_tags_sql. * Fixes password comparison for nickname checks. * Fixes bot protection never getting turned on correctly as it was bound to reserve_slots, not to admin_bot_protection. * Fixed checking for regex reserved names. * The configurable reconnect time frame for different slot connections still used the fixed value and not the CVar value. * Fix HandleSay style functions that would not work when there were quotes surrounding the messages from clients.

New CVARS: * amv_private_server and amv_prvt_kick_message: When amv_private_server is set to one, only users listed in users.ini or users table can connect to the server.

24.10.2001: 2.50.09 Changes/Additions: * Removed amv_autoban, replaced it with amv_anti_cheat_options. * Added BillDoor's suggestion against the TFC spectator cheat. * Increased line buffer size to LARGE_BUF_SIZE for readfile() and writefile() * Using sv_visiblemaxplayers to hide reserved slots from normal players. * Added a time window which allows for users to reconnect into a different slot. (For CS dropping problems). * Remove client passwords from clients to prevent password stealing. * Set mp_timelimit to 2 instead of 1 on mapchanges.

Bug Fixes: * Fixed the bug reporting the wrong slots number on reserve_type 1 * Fixed bug in reserved slot counts for reserve_type 2. * Prevent sending messages to proxies and spectators, needed due to a bug in the HTLV code. * Changed admin_ban and admin_kick to not use players name for immunity lookup.

New CVARS: * amv_reconnect_time: Admins can set this to enable the reconnect without reauthing again. The value is the time windows during which an admin can reconnect joining into a different slot and still be authed. Max is 90.

Tools: * Added .amx converter tool to convert compiles Small scripts between Linux and Windows format. Written with Qt for cross-platform GUI. A Windows GUI and a Linux CLI version are available.

18.06.2001: 2.50e Changes/Additions: * * * * * * Enabled playerinfo with bots again. Added some AHL and SI commands to client_exec list. Added mysql tag to the version info. Added system error reports to CPlugin::LoadFile() function. Added the plugin_exec() function to call commands from other plugins. Moved ACCESS_EXECCLIENT to 65536.

* Updated plugin_messagemode to use the plugin_exec() function on admin_ commands

* Redid the mp_timelimit storing to make it more efficient.

Bug Fixes: * Fixed a bug in the bad name detection. make_friendly replaces % now with spaces instead of deleting them. * Fixed a bug in the logging functions of centersay et al which messed up the formatting. * Fixed the bot_protection in teleport() not showing special fx. * Fixed a bug in the timer, checking against MAX_PLAXERS instead of NUM_TIMERS * Added checks after each player index lookup to protect against referencing NULL pointers. This also fixes a bug crashing the server in playerinfo() when cycling through player indices. * Updated plugin_bat and plugin_all.bat to work with Win95 and WinNT.

09.06.2001: 2.50d Changes/Additions: * writefile() now creates a new file also if it isn't called with the append parameter (-1). * admin_connect_msg and admin_repeat_msg can be turned off by setting them to "0". The repeat frequency is set with the cvar admin_repeat_freq. Minium value is 15 seconds. * Check for player names with non-printable characters which would crash other clients. They are denied access. If they change name in mid-game, their HL is closed on the client machine and a 24h ban issued depending on the setting of amv_autoban. * tsay(), centersay() and rainbow() messages get logged in the logs with newlines replaced with "\n" strings. * Added KillGlow() command to stop glowing when admin_fun is turned off.

Bug Fixes: * Added more bot protections if admin_bot_protection is on. It should work now also if admin_fx is turned on.

New CVARS: * amv_autoban: If set to 1 a player that tries to crash the server with non-printable characters is banned for 24h. * admin_repeat_freq controls the frequency of admin_repeat_msg.

01.06.2003: 2.50c Changes/Additions:

* * * *

Provides dll version information under Windows. Added slay() function which is independant from allow_client_exec Log string size has been increased to LARGE_BUF_SIZE. Removed ' * ' from the list of comment characters

* admin_map and admin_map_vote restore the mp_timelimit after a map change even if it isn't set in the server.cfg file.

Bug Fixes: * * * * * * * * * * * * * * * * * Modified teleport to work with bots even if admin_fx is turned on. Fixed a memory leak in AM items list code. Redone the vote_multiple fix to prevent buffor overflows. Added declaration of rainbow() to admin.inc. Fixed the crashes of pointto() and gettarget() under Linux. Fixed a bug of registered commands not showing up in admin_help. Fixed getteamcount(). Added a few clean initializations and security checks in AM_ClientConnect(). Fixed one bug writing beyond a buffer in AM_ClientConnect(). Fixed voting so that certain implementations of snprintf() don't cause only the last item to show. Also added in code for setting the maximum valid choice in a vote. Votes for invalid numbers (eg, 5 when there are only 2 choices) are ignored. admin_vote_echo can be used to echo the votes. Fixed a bug crashing the server when certain commands were executed from the console. Removed linefeeds that had gotten themselves put in the middle of strings. The wrong time bug in ban() has been fixed. Hide the timer entity. This removed the crashes in TFC. Added MySQL patch from Jon Paul Nollmann (jpnollmann@adace.com), should make MySQL queries more robust Bug in the tallying of votes that would leave the last option with any votes the winner fixed.

* The say_command override respects admin_quiet 1. * Fixed maxextend bug (admin_vote_maxextend <= 0 was not disabling extend vote as promised) * admin_slay now honors admin_quiet. * admin_vsay now respects vote_allowed. * admin_balance was still using 'admin_tfc_balance', when the cvar was renamed to 'admin_balance_teams'.

Tools: * make_pass: Updated version because the username isn't needed anymore