Change your name on steam to:
Then run a command that this plugin provides. The server will shut down. Or change your name to:
Code:
derp ; sm_kick @all
and all of a sudden, the Console kicks the entire server.
Use the client ID or even the Steam ID instead of the name. NEVER EVER EVER pass the client's name through ServerCommand()! This will allow the client to run any command from the Console as if they had (albeit very cumbersome) RCON access. And indeed, every server running this plugin is now open to this very serious exploit.
You need to replace GetClientName() with GetClientUserId(). Then put that number after the # symbol. The following are examples of commands using the User ID as a target.
Code:
sm_rof #124 3
sm_kick #534 "no mic spam allowed here sir"
sm_ban #321 0 "name changing hacker"
sm_beacon #48
etc etc etc