Scripting Helpers is winding down operations and is now read-only. More info→
Ad
Log in to vote
0

Question about RemoteFunctions, and exploiting?

Asked by
Shrilleh 68
4 years ago

Say I was making a character creator/customiser, where the player can choose their hair, hats, clothing etc. on the client/localscript. If I were to call a RemoteFunction to check if they had a certain gamepass (for example one which unlocks exclusive hats), I would return either true or false into a variable. My question is, would the client be able to change this variable after it's been returned, (so false to true), so they can access the exclusive items without having the gamepass?

Secondly, what would be the most ideal place to store experience and currency on the server, so it's not accessible or able to be changed by the client, (e.g in Players Service, Repstorage, workspace etc.)?

Thanks.

1 answer

Log in to vote
1
Answered by
Elixcore 1337 Moderation Voter
4 years ago

To store things on the server side you use ServerStorage and ServerScriptService, ServerStorage is simply for storage but ServerScriptService will also execute the scripts in there.

Now about exploiting. They will be able to still obtain the gamepass hat if you're doing it all in a localscript, if you want them to not obtain the gamepass hat then do it on the server side, otherwise you can't protect yourself from exploiting.

0
The remotefunction calls to a serverside script, which then checks if the player has the gamepass, it's just if they can changed the returned value or not? Shrilleh 68 — 4y
0
as I said, they can and they will as long as it's a localscript. Elixcore 1337 — 4y
Ad

Answer this question