add:TrCDK

[THEXN]

添加插件

• 插件已加入解决方案 (Plugin.sln)
• 插件项目已导入template.targets ()
• 插件信息已添加至对应manifest.json
• 插件的文件夹名字和插件的插件项目名字一样 (XXX/XXX.csproj)
• 添加插件单独的README.md文件 (XXX/README.md)
• 插件可以正常工作
• 管理员能创建、删除、更新 CDK，玩家可使用有效 CDK 兑换（执行指令）奖励。
• CDK可以设置使用次数、过期时间、组限制、玩家限制。

更新插件/修复BUG

• 插件已修改版本号
• 更新插件README.md中的更新日志
• 插件可以正常工作
• Tpallow默认允许传送

其他

• ❤️娇娇我喜欢你

Sourcery 总结

新增一个用于 CDK 管理和兑换的 TrCDK 插件，并通过在没有数据库记录或发生异常时默认允许来增强 EssentialsPlus 的传送权限处理。

新特性：

• 引入 TrCDK 插件，提供一个 CDK 兑换系统，该系统具有创建、删除、更新、列出、给予和兑换代码的命令，并由 SQLite 数据库支持。

增强功能：

• 在没有记录或发生错误时，TpAllowManager 中的默认传送权限设置为允许，并合并插入/更新逻辑
• 将 EssentialsPlus 插件版本提升至 1.1.0

构建：

• 将 TrCDK 项目添加到解决方案并导入 template.targets

文档：

• 添加包含用法和配置详细信息的 TrCDK 英文和中文 README 文件
• 使用 v1.1.0 条目更新 EssentialsPlus README 变更日志

Original summary in English

Summary by Sourcery

Add a new TrCDK plugin for CDK management and redemption and enhance EssentialsPlus teleport permission handling by defaulting to allow when no database record or on exceptions

New Features:

• Introduce TrCDK plugin providing a CDK redemption system with commands to create, delete, update, list, give, and redeem codes backed by a SQLite database

Enhancements:

• Default teleport permission to allowed in TpAllowManager when no record or on errors and consolidate insert/update logic
• Bump EssentialsPlus plugin version to 1.1.0

Build:

• Add TrCDK project to the solution and import template.targets

Documentation:

• Add TrCDK English and Chinese README files with usage and configuration details
• Update EssentialsPlus README changelog with v1.1.0 entry

[sourcery-ai]

嘿 @THEXN - 我已经审查了你的更改，发现了一些需要解决的问题。

阻塞问题:

• 直接将用户输入插入到 SQL 查询中会引入 SQL 注入风险。(link)

Prompt for AI Agents

请解决此代码审查中的评论：
## 个人评论

### 评论 1
<location> `src/TrCDK/Data.cs:30` </location>
<code_context>
+        DB.Open();
+        Command("create table if not exists Data(CDKname text,Usetime int(32),Utiltime int(64),Grouplimit text,Playerlimit text,Used text, Cmds text)");
+    }
+    public static SqliteDataReader Command(string cmd)
+    {
+        return new SqliteCommand(cmd, DB).ExecuteReader();
</code_context>

<issue_to_address>
直接将用户输入插入到 SQL 查询中会引入 SQL 注入风险。

通过直接插入参数来构建 SQL 查询是不安全的。切换到参数化查询以防止 SQL 注入。
</issue_to_address>

### 评论 2
<location> `src/TrCDK/Data.cs:24` </location>
<code_context>
+{
+    public static SqliteConnection? DB;
+    const string path = "tshock/TrCDK.sqlite";
+    public static void Init()
+    {
+        DB = new SqliteConnection($"Data Source={path};");
</code_context>

<issue_to_address>
数据库连接已打开但从未关闭，这可能会导致资源泄漏。

确保数据库连接已正确关闭，以防止资源耗尽或锁定，尤其是在多次调用 Init() 或在应用程序重新加载期间。
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{帮助我更有用！请点击每个评论上的👍或👎，我将使用反馈来改进你的评论。}

Original comment in English

Hey @THEXN - I've reviewed your changes and found some issues that need to be addressed.

Blocking issues:

• Directly interpolating user input into SQL queries introduces SQL injection risk. (link)

Prompt for AI Agents

Please address the comments from this code review:
## Individual Comments

### Comment 1
<location> `src/TrCDK/Data.cs:30` </location>
<code_context>
+        DB.Open();
+        Command("create table if not exists Data(CDKname text,Usetime int(32),Utiltime int(64),Grouplimit text,Playerlimit text,Used text, Cmds text)");
+    }
+    public static SqliteDataReader Command(string cmd)
+    {
+        return new SqliteCommand(cmd, DB).ExecuteReader();
</code_context>

<issue_to_address>
Directly interpolating user input into SQL queries introduces SQL injection risk.

Building SQL queries by inserting parameters directly is unsafe. Switch to parameterized queries to prevent SQL injection.
</issue_to_address>

### Comment 2
<location> `src/TrCDK/Data.cs:24` </location>
<code_context>
+{
+    public static SqliteConnection? DB;
+    const string path = "tshock/TrCDK.sqlite";
+    public static void Init()
+    {
+        DB = new SqliteConnection($"Data Source={path};");
</code_context>

<issue_to_address>
Database connection is opened and never closed, which may cause resource leaks.

Ensure the database connection is properly closed to prevent resource exhaustion or locking, particularly if Init() is called multiple times or during application reloads.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[Copilot]

Pull Request Overview

This pull request introduces the new TrCDK plugin for managing and redeeming CDKs and makes enhancements to the EssentialsPlus teleport permission handling.

• Adds a CDK redemption system with commands and SQLite database support.
• Introduces helper extension methods and updates the corresponding documentation.
• Upgrades EssentialsPlus version and adjusts TpAllowManager toggle logic.

Reviewed Changes

Copilot reviewed 13 out of 13 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
src/TrCDK/manifest.json	Adds manifest definitions for internationalized README descriptions.
src/TrCDK/TypeExtensions.cs	Provides helper methods for dynamic invocation with private members.
src/TrCDK/TShockCommandExtensions.cs	Adds a method to run commands without permission checks.
src/TrCDK/TSPlayerExtensions.cs	Introduces extension methods for TSPlayer, including permissionless invoke.
src/TrCDK/README.md & README.en-US.md	Documents the CDK commands and configuration details.
src/TrCDK/Main.cs	Registers CDK commands and contains the main plugin logic.
src/TrCDK/Data.cs	Implements SQLite operations for storing CDK information.
src/EssentialsPlus/README.md	Updates the changelog to document teleport permission changes.
src/EssentialsPlus/EssentialsPlus.cs	Bumps the plugin version to 1.1.0.
src/EssentialsPlus/Db/TpAllowManager.cs	Adjusts teleport permission toggle behavior.
Plugin.sln	Adds the new TrCDK project to the solution.

Comments suppressed due to low confidence (2)

src/TrCDK/TShockCommandExtensions.cs:18

• The error message text appears garbled, possibly due to an encoding issue. Verify that the source file encoding is set to UTF-8 and that the correct text is used.

				ply.SendErrorMessage(GetString("ָ��ִ��ʧ�ܣ�����ϵ����Ա"));

src/TrCDK/TSPlayerExtensions.cs:40

• The displayed error message appears corrupted, indicating a potential encoding issue. Ensure that error message strings are correctly encoded in UTF-8.

				player.SendErrorMessage(GetString("�����������Ч.����/help��ȡ��Ч�����б�."));

[ACaiCat]

• src/EssentialsPlus/Db/TpAllowManager.cs确实得改改，要不然MySQL报错又要有人来问问问的
• 下面两条随便了 :(
  有点怀疑不是Jonesn写的，感觉很多地方一股AI味

[ACaiCat]

@THEXN 需要重新测试一下功能

[THEXN]

• src/EssentialsPlus/Db/TpAllowManager.cs确实得改改，要不然MySQL报错又要有人来问问问的
• 下面两条随便了 :(
  有点怀疑不是Jonesn写的，感觉很多地方一股AI味

为了解决waring找ai了（）

[ACaiCat]

TODO:

• 优化LazyAPI的命令提示
• 修复CDK命令无法正常运行
• 解决冲突