generic image
Processing...
  • Games
  • Catalog
  • Develop
  • Robux
  • Search in Players
  • Search in Games
  • Search in Catalog
  • Search in Groups
  • Search in Library
  • Log In
  • Sign Up
  • Games
  • Catalog
  • Develop
  • Robux
   
ROBLOX Forum » Game Creation and Development » Scripters
Home Search
 

Re: Filtering & Money

Previous Thread :: Next Thread 
AntiFiter is not online. AntiFiter
Joined: 14 May 2009
Total Posts: 12290
22 May 2015 07:50 PM
My game is all gui based, no roblox physics.

All the gui's have localscripts instead of serverscripts. Filtering is also enabled. Since there is no group features with the gui's (where players might 'share a screen'), having the local scripts only change your local gui's (and not change it on the server) is no problem, because no one else needs to see your gui, and you can still play the game.

This is where it gets a bit complicated.

I have one main cash value. Everytime the "Money" value (int) is changed, the local script fires a remote event. A server script then has its own Money value inside it, different from the local value that all the localscripts change, which that script then changes. This is the only way for the server to see the money. The amount in the server script could be seen as 500 on the server, while the "local" money value still 0. This is so the datastore can save it.

Here's my main concern. If I understand how hackers work, is they insert their own local scripts. Now, even if filtering is enabled, just changing that local value for Money would change the server's value as well because of the remote event. Because of this, filtering wouldn't prevent money hacking still. Is this true?

Report Abuse
chimmihc is not online. chimmihc
Joined: 01 Sep 2014
Total Posts: 17143
22 May 2015 07:52 PM
The way you're doing it you might as well not use FE.


I script -~ chimmihc
Report Abuse
AntiFiter is not online. AntiFiter
Joined: 14 May 2009
Total Posts: 12290
22 May 2015 07:54 PM
If anything, filtering will prevent hackers from just deleting people's guis.

How can I make the system work? Other people have money values.

-- Money -- All local scripts in the gui change this

-- Script -- Receives RemoteEvent with Money ^ value, changes server money
--- ServerMoney

-- LocalScript -- .Changed for Money triggers RemoteEvent
Report Abuse
Darkmist101 is not online. Darkmist101
Joined: 30 Jul 2010
Total Posts: 6208
22 May 2015 07:57 PM
Without FE, people still can't see other people's PlayerGuis...

If you tell the server to change the money to X value, the foundation is really bad.
The one tip for client-server communication, never trust data the client sends.
If you don't have a way to verify the data is valid, re-design your game.
Report Abuse
chimmihc is not online. chimmihc
Joined: 01 Sep 2014
Total Posts: 17143
22 May 2015 07:57 PM
You should be handling the money the other way around, hackers can change anything on their client.


I script -~ chimmihc
Report Abuse
Darkmist101 is not online. Darkmist101
Joined: 30 Jul 2010
Total Posts: 6208
22 May 2015 07:58 PM
There needs to be some type of filter to [how] the data is validated.
You didn't give any information to what the game is, minus money (WHAT IS THE MONEY USED FOR?)

So it's very hard, because you are vague.
Give a real example.
Report Abuse
AntiFiter is not online. AntiFiter
Joined: 14 May 2009
Total Posts: 12290
22 May 2015 07:59 PM
It's a casino game. If you win something like, slots, the local script changes the local value. Pretty simple. Any suggestions how to make it hacker proof?
Report Abuse
Darkmist101 is not online. Darkmist101
Joined: 30 Jul 2010
Total Posts: 6208
22 May 2015 08:00 PM
Lmao I am making one.

-Gets out of thread-

Just saying, you don't understand what you're doing with FE.
Report Abuse
AntiFiter is not online. AntiFiter
Joined: 14 May 2009
Total Posts: 12290
22 May 2015 08:03 PM
I know how FE works, how client changes don't replicate to the server, but I'm not really grasping how to fix this problem. I've pretty much explained how the system works. Any solutions?
Report Abuse
AntiFiter is not online. AntiFiter
Joined: 14 May 2009
Total Posts: 12290
22 May 2015 08:08 PM
I wouldn't be able to use server scripts as the script for the slot machines, because it wouldn't run in the playergui. So it has to be localscript
Report Abuse
BothAngles is not online. BothAngles
Joined: 01 Dec 2011
Total Posts: 9604
22 May 2015 08:08 PM
u tell everyone to use fe and then get surprised when they cant or use it incorrectly lol
Report Abuse
AntiFiter is not online. AntiFiter
Joined: 14 May 2009
Total Posts: 12290
22 May 2015 08:15 PM
Any suggestions how to make it not exploitable?
Report Abuse
BothAngles is not online. BothAngles
Joined: 01 Dec 2011
Total Posts: 9604
22 May 2015 08:16 PM
disable fe and get an anti exploit
Report Abuse
AntiFiter is not online. AntiFiter
Joined: 14 May 2009
Total Posts: 12290
22 May 2015 08:34 PM
how can I fix this
Report Abuse
hdtv13 is not online. hdtv13
Joined: 18 Sep 2012
Total Posts: 1628
22 May 2015 08:37 PM
You have been told, no one is going to recreate your code.

I have skin, potatoes have skin, therefore I'm a potato.
Report Abuse
AntiFiter is not online. AntiFiter
Joined: 14 May 2009
Total Posts: 12290
22 May 2015 08:47 PM
No one suggested a method on how to fix it

And no, I don't remember asking for any code.
Report Abuse
AntiFiter is not online. AntiFiter
Joined: 14 May 2009
Total Posts: 12290
22 May 2015 10:37 PM
bump
Report Abuse
Scripth is not online. Scripth
Joined: 23 Jun 2013
Total Posts: 1724
22 May 2015 10:40 PM
I'd recommend using the remoteevents to cast the updated money value to the server but use the server to double check their money from the previous value so they can't scale up over a certain amount over a certain amount of time, depending on how you all have it set up you could do it differently but just make sure to have double checks on all your values in the server

if you could i'd make anything that would gain money locally just fireserver with whatever type of profit they get for it so you could use the server to just parse thru all this and check what types of money they picked up in the server and then use the server to calculate and change the value
Report Abuse
LegendaryAccount is not online. LegendaryAccount
Joined: 02 Jun 2010
Total Posts: 13193
22 May 2015 10:44 PM
You must store it in serverstorage so clients cant access it
Report Abuse
AntiFiter is not online. AntiFiter
Joined: 14 May 2009
Total Posts: 12290
23 May 2015 09:20 AM
Based off what scripth said, here's what I've come up with

1. Whenever a localscript needs to add money, it fires a Remote Event called "Add" with how much coins to add
2. There is a server script tied to the remote event for "Add", and then it adds that much to their money in ServerStorage.

This is different because there's no money value in their playergui. Adding money has to be used through the remote event. Would this work?
Report Abuse
BothAngles is not online. BothAngles
Joined: 01 Dec 2011
Total Posts: 9604
23 May 2015 10:13 AM
Yes
Report Abuse
AntiFiter is not online. AntiFiter
Joined: 14 May 2009
Total Posts: 12290
23 May 2015 02:45 PM
I changed it this:

The Coins value is held in serverstorage. A local script can use the Remote events Add, Subtract, or GetCoins to Add coins, subtract coins, or get the number of coins. Will this help with security?
Report Abuse
chimmihc is not online. chimmihc
Joined: 01 Sep 2014
Total Posts: 17143
23 May 2015 02:52 PM
Until the exploiter figures out about the remote event and decides to fire it.


I script -~ chimmihc
Report Abuse
nQqzRYVpIKA5jLP is not online. nQqzRYVpIKA5jLP
Joined: 05 Mar 2015
Total Posts: 4135
23 May 2015 02:55 PM
Whenever the player interacts with the casiona, use some kind of remoteevent/remotefunction to tell the server, then have the server manage the money the player has that way.
Report Abuse
AntiFiter is not online. AntiFiter
Joined: 14 May 2009
Total Posts: 12290
23 May 2015 02:57 PM
@nQ

I don't really need to use remote events for the entire casino, because it works fine since it's just a gui. Scripts also don't run in the gui because of filtering, so the slot machine has to be a local scripts, meaning the remote events that I set up.
Report Abuse
Previous Thread :: Next Thread 
Page 1 of 1
 
 
ROBLOX Forum » Game Creation and Development » Scripters
   
 
   
  • About Us
  • Jobs
  • Blog
  • Parents
  • Help
  • Terms
  • Privacy

©2017 Roblox Corporation. Roblox, the Roblox logo, Robux, Bloxy, and Powering Imagination are among our registered and unregistered trademarks in the U.S. and other countries.



Progress
Starting Roblox...
Connecting to Players...
R R

Roblox is now loading. Get ready to play!

R R

You're moments away from getting into the game!

Click here for help

Check Remember my choice and click Launch Application in the dialog box above to join games faster in the future!

Gameplay sponsored by:
Loading 0% - Starting game...
Get more with Builders Club! Join Builders Club
Choose Your Avatar
I have an account
generic image