Explanation On Client Side VS. Server Side?
As I've been scripting, I realized I still don't have a great understanding of the difference between scripts, local scripts, and module scripts, in Roblox.
So I've been wondering how these interact with the two sides and how the change things on the opposite sides.
Below is what I believe to be true and my current knowledge.
LOCAL SCRIPTS
1. To me, local scripts are mainly used for camera work, animations, dealing with smooth movements, and insuring a good experience for the player.
2. Local scripts are mainly only client side, unless filtering isn't enabled, thus local parts can be created.
3. If filtering isn't enabled, bricks created by the client are given to the server side, which is how exploiters add in free models to games you're in.
SCRIPTS
1. To me, scripts are the server side aspect used for making bricks, doing background calculations, and making the game run correctly and smoothly.
2. Scripts cannot be used to move cameras, even when passed one through the remote events or remote functions.
3. Scripts are unable to interact with clients, but clients can interact with objects, such as GUI's that trigger scripts.
MODULE SCRIPTS
1. To me, module scripts are used for libraries, API's, and allowing multiple scripts with the same functions to use the same one.
2. Module scripts are used both by server sided scripts and client sided scripts, if put into replicated storage.
3. Module scripts can not have triggers, such as a GUI being pressed, nor can they have variables that aren't part of the module (Ex: module.text = "Hi").
If you have anything that can help me understand these more, or correct what I think to be fact, that would be very much appreciated!
Thanks in advance, legobuildermaster
1 answer
Interesting question, I'll try answering it the best I can.
The Client-Server Model
Almost everything today uses the Client-Server model. In this model, as opposed to P2P, there's only one node (in the physical world a node is just a electronic device within the network) in the network whose serves the content, this is called the server, every other node can only request things from the server, those nodes are called clients.
This provides the benefit of security because a client can only communicate with the server so only the packets coming from the server can be considered valid. On the other hand there's a increase in latency because when a client sends a packet it first have to arrive at the server and then the server has to send that new state to every connected client, that's called replication.
So in summary, there's a clear distinction between nodes: server and client. The client cannot send information to other clients, only the server can do that.
Application in ROBLOX
After understanding the concept we need to understand how ROBLOX implements it.
ROBLOX has been famous because it used to be one of the most exploitable games, as any old user can confirm, "But didn't you say the client-server model benefit was it's security?" and indeed it is when implemented well. The problem is that ROBLOX blindly trusted the clients:
"Oh Client 1 reports a new block in position X, I'm not going to do any checks and just replicate that information to other clients"
Recently they implemented filtering that means the server is not going to replicate any information sent by a client. I personally think that's not a good solution, it seems ROBLOX is extreme: "Either I trust everything from the clients or I distrust everything"
**Server side and client side in ROBLOX"
ROBLOX makes a distinction between code run on the clients and code run on the server, calling the Local Scripts and Scripts respectively.
As mentioned above a Local Script is code that runs on the client, this code can change the world state as any other piece of code. Whether the server replicates this new state is determined by the FilteringEnabled option.
As this code is run on the client it has access to client only entities, like the camera, but does not have access to server only entities: Remember both the client and server maintain their state independently: the client updates said state when the server request it to and vice-versa (if the server trust the client).
Scripts, also known as server scripts, are code that only runs on the server: The client doesn't know the code that is running, it only knows that the server tells it (a major exploit back day was that the client did know what code the server was running, essentially allowing place stealing).
And since the code runs on the server it doesn't have access to client state, that means it can't access an specific player camera because it doesn't know the camera exists in first place.
Module scripts are just libraries that are loaded when required and whether it runs on the client or server depends on the location of said module.
Hope it's clear, I can update with information as requested.
0