How do i make remote events / remote functions safe from exploiters?
Hello scripting helpers.
I am making a game but i found a really serius bug.
Exploiters can fire a remote event and then add every item that they want in the intire game to their inventory. The remote event is being used for crates that run on the client side.
My question is: How can i make the remote event safe from exploiters so they can't add items to their inventory?
0
0
0
0
1 answer
I do not recommend saving the crates or any important data such as "money" (as an example) on the client side. Instead of saving crucial data via client, save it on the server side. Use the server to store and manage data and use the client to display that data.
Since you are using crates, create a remote event that calls to open the create. When that remote event gets fired the event sends the player's name as the very first parameter. You can use it to locate the player.
Example:
script.RemoteEvent.OnServerEvent:connect(function(plr) --Plr is the name of the player who ran the server event; the name can be anything you want.
--Your code--
end)
So the server randomly chooses an item from the crate (if this is how your crate system works). It can then use the player's name to put it into their inventory. I recommend saving these items into the server's storage.
Example:
randomItem = {"Gun", "Knife", "Dollar"} --Random items
script.RemoteEvent.OnServerEvent:connect(function(plr) --When the server event is fired
local givenItem = randomItem[math.random(1, 3)] --Randomly choses an item from the table
local clonedItem = game.ServerStorage[givenItem]:Clone() --Clones the item from the server's storage
clonedItem.Parent = game.Players[plr].StarterGear --Moves the cloned item into the Player's starter inventory
end)
Hope this helps; if you got any questions please contact me. ;)