From dac941df1f13d17dfef7411420fd29ed71545483 Mon Sep 17 00:00:00 2001
From: t1amak <tiamaczek@gmail.com>
Date: Thu, 29 May 2025 08:23:29 +0000
Subject: [PATCH] Restrict most commands to DM only. Allow tip command
 everywhere.

---
 salvium_tipbot.php              |  1 +
 src/salvium_tipbot_commands.php | 23 ++++++++++++++++++++---
 2 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/salvium_tipbot.php b/salvium_tipbot.php
index 17b4724..73e6ad0 100755
--- a/salvium_tipbot.php
+++ b/salvium_tipbot.php
@@ -28,6 +28,7 @@ $command = strtolower($args[0] ?? '');
 $context = [
     'chat_id' => $message['chat']['id'],
     'chat_name' => $message['chat']['title'] ?? $message['chat']['first_name'] ?? '',
+    'chat_type' => $message['chat']['type'],
     'username' => $message['from']['username'] ?? '',
     'user_id' => (int) $message['from']['id'],
     'raw' => $message['text'] ?? '',
diff --git a/src/salvium_tipbot_commands.php b/src/salvium_tipbot_commands.php
index a48e944..533efdd 100644
--- a/src/salvium_tipbot_commands.php
+++ b/src/salvium_tipbot_commands.php
@@ -6,6 +6,13 @@ class SalviumTipBotCommands {
     private SalviumTipBotDB $db;
     private SalviumWallet $wallet;
     private array $config;
+    private array $commandAccess = [
+        'start'    => ['private'],
+        'deposit'  => ['private'],
+        'withdraw' => ['private'],
+        'balance'  => ['private'],
+        'tip'      => ['private', 'group', 'supergroup'],
+    ];
 
     public function __construct(SalviumTipBotDB $db, SalviumWallet $wallet, array $config) {
         $this->db = $db;
@@ -15,14 +22,24 @@ class SalviumTipBotCommands {
 
     public function handle(string $command, array $args, array $context): void {
         $method = 'cmd_' . ltrim($command, '/');
+
+        $cmdKey = ltrim($command, '/');
+        $allowedChats = $this->commandAccess[$cmdKey] ?? [];
+
+        if (!in_array($context['chat_type'], $allowedChats)) {
+            return; // not allowed
+        }
+
         if (method_exists($this, $method)) {
             $response = $this->$method($args, $context);
         } else {
-            //$response = "Unknown command.";
-            $response = "";
+            $response = ""; // Optional fallback
+        }
+
+        if ($response) {
+            sendMessage($context['chat_id'], $response);
         }
 
-        sendMessage($context['chat_id'], $response);
         $this->db->logMessage($context['chat_id'], $context['chat_name'], $context['username'], $context['raw'], $response);
     }