From 53789b40e4bd1211fa564d05f135226af95912b9 Mon Sep 17 00:00:00 2001
From: ohayo <fumoemail@gmail.com>
Date: Fri, 31 Jan 2025 09:17:26 +1000
Subject: [PATCH] Prevent further things from clients who dont handshake

- The player will only finish the handshake once they spawn their player, a normal client would always do this eventually.

- They cannot chat, even if they request world data but just not spawn their player.

- Other clients will not be notified of their join/leave in both cases (dont request WD or do but dont spawn)

- And most importantly, they do not show on the in game player list but still show on the server console /playing cmd.
---
 TShockAPI/Commands.cs        |  2 +-
 TShockAPI/GetDataHandlers.cs |  3 +++
 TShockAPI/TSPlayer.cs        |  3 +++
 TShockAPI/TShock.cs          | 18 ++++++++++++++----
 TShockAPI/Utils.cs           |  2 +-
 5 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/TShockAPI/Commands.cs b/TShockAPI/Commands.cs
index f7d3247a..d82f10e2 100644
--- a/TShockAPI/Commands.cs
+++ b/TShockAPI/Commands.cs
@@ -5363,7 +5363,7 @@ namespace TShockAPI
 
 			foreach (TSPlayer ply in TShock.Players)
 			{
-				if (ply != null && ply.Active)
+				if (ply != null && ply.Active && ply.FinishedHandshake)
 				{
 					if (displayIdsRequested)
 						if (ply.Account != null)
diff --git a/TShockAPI/GetDataHandlers.cs b/TShockAPI/GetDataHandlers.cs
index b736a512..8f70fd2c 100644
--- a/TShockAPI/GetDataHandlers.cs
+++ b/TShockAPI/GetDataHandlers.cs
@@ -2726,6 +2726,8 @@ namespace TShockAPI
 			short numberOfDeathsPVP = args.Data.ReadInt16();
 			PlayerSpawnContext context = (PlayerSpawnContext)args.Data.ReadByte();
 
+			args.Player.FinishedHandshake = true;
+
 			if (OnPlayerSpawn(args.Player, args.Data, player, spawnx, spawny, respawnTimer, numberOfDeathsPVE, numberOfDeathsPVP, context))
 				return true;
 
@@ -2762,6 +2764,7 @@ namespace TShockAPI
 				args.Player.Dead = true;
 			else
 				args.Player.Dead = false;
+
 			return false;
 		}
 
diff --git a/TShockAPI/TSPlayer.cs b/TShockAPI/TSPlayer.cs
index c9194c36..cb66649a 100644
--- a/TShockAPI/TSPlayer.cs
+++ b/TShockAPI/TSPlayer.cs
@@ -351,6 +351,9 @@ namespace TShockAPI
 		/// <summary>Determines if the player is disabled for not clearing their trash. A re-login is the only way to reset this.</summary>
 		public bool IsDisabledPendingTrashRemoval;
 
+		/// <summary>Determines if the player has finished the handshake (Sent all necessary packets for connection, such as Request World Data, Spawn Player, etc). A normal client would do all of this no problem.</summary>
+		public bool FinishedHandshake = false;
+
 		/// <summary>Checks to see if active throttling is happening on events by Bouncer. Rejects repeated events by malicious clients in a short window.</summary>
 		/// <returns>If the player is currently being throttled by Bouncer, or not.</returns>
 		public bool IsBouncerThrottled()
diff --git a/TShockAPI/TShock.cs b/TShockAPI/TShock.cs
index 6955efdd..ae9738cc 100644
--- a/TShockAPI/TShock.cs
+++ b/TShockAPI/TShock.cs
@@ -1399,7 +1399,8 @@ namespace TShockAPI
 				return;
 			}
 
-			Bans.CheckBan(player);
+			if (Bans.CheckBan(player))
+				return;
 		}
 
 		/// <summary>OnLeave - Called when a player leaves the server.</summary>
@@ -1439,7 +1440,7 @@ namespace TShockAPI
 
 			if (tsplr.ReceivedInfo)
 			{
-				if (!tsplr.SilentKickInProgress && tsplr.State >= 3)
+				if (!tsplr.SilentKickInProgress && tsplr.State >= 3 && tsplr.FinishedHandshake) //The player has left, do not broadcast any clients exploiting the behaviour of not spawning their player.
 					Utils.Broadcast(GetString("{0} has left.", tsplr.Name), Color.Yellow);
 				Log.Info(GetString("{0} disconnected.", tsplr.Name));
 
@@ -1460,6 +1461,9 @@ namespace TShockAPI
 				}
 			}
 
+			
+			tsplr.FinishedHandshake = false;
+
 			// Fire the OnPlayerLogout hook too, if the player was logged in and they have a TSPlayer object.
 			if (tsplr.IsLoggedIn)
 			{
@@ -1489,6 +1493,12 @@ namespace TShockAPI
 				return;
 			}
 
+			if (!tsplr.FinishedHandshake)
+			{
+				args.Handled = true;
+				return;
+			}
+
 			if (args.Text.Length > 500)
 			{
 				tsplr.Kick(GetString("Crash attempt via long chat packet."), true);
@@ -1705,14 +1715,14 @@ namespace TShockAPI
 				Log.Info(GetString("{0} ({1}) from '{2}' group from '{3}' joined. ({4}/{5})", player.Name, player.IP,
 									   player.Group.Name, player.Country, TShock.Utils.GetActivePlayerCount(),
 									   TShock.Config.Settings.MaxSlots));
-				if (!player.SilentJoinInProgress)
+				if (!player.SilentJoinInProgress && player.FinishedHandshake)
 					Utils.Broadcast(GetString("{0} ({1}) has joined.", player.Name, player.Country), Color.Yellow);
 			}
 			else
 			{
 				Log.Info(GetString("{0} ({1}) from '{2}' group joined. ({3}/{4})", player.Name, player.IP,
 									   player.Group.Name, TShock.Utils.GetActivePlayerCount(), TShock.Config.Settings.MaxSlots));
-				if (!player.SilentJoinInProgress)
+				if (!player.SilentJoinInProgress && player.FinishedHandshake)
 					Utils.Broadcast(GetString("{0} has joined.", player.Name), Color.Yellow);
 			}
 
diff --git a/TShockAPI/Utils.cs b/TShockAPI/Utils.cs
index 3b9c0286..613e7a8a 100644
--- a/TShockAPI/Utils.cs
+++ b/TShockAPI/Utils.cs
@@ -183,7 +183,7 @@ namespace TShockAPI
 		/// <returns>The number of active players on the server.</returns>
 		public int GetActivePlayerCount()
 		{
-			return TShock.Players.Count(p => null != p && p.Active);
+			return TShock.Players.Count(p => null != p && p.Active && p.FinishedHandshake);
 		}
 
 		//Random should not be generated in a method