Leaderboard

For every aspect of things a cheat/lua injector can result in, there is specifically tailored ways to prevent it. Scripters with a good sense of security-by-design can do so much more than follow basic "Script security" guidelines that apply mostly to triggers and such. In case of player money, there should be a solid foundation (before anything else) that consists of not using GTA money as the truth/unit, but handle anything to do with money by yourself using your account system that operates through SQL database. At any time a player does anything that can lead to money increasing, being given or deposited, it has to happen through a trigger handling the event (context in which the player experiences a money change). Secure your triggers (also read https://wiki.mtasa.com/wiki/Script_security) and you're done. It's important to understand that as part of it, you are redefining money: i repeat, do not use GTA money. Use a field in your SQL database that defines the unit money, and it's an entire different virtual entity than GTA money. Obviously, also avoid using elementdata to store or update player money. Of course, even when you incorporate my suggestions on how to handle money different in an integral way, extra checking like explained by @IIYAMA is a good stick behind the door, in case someone manages to find and exploit a script security flaw in your triggers. @FlorinSzasz

Cool

Happy Birthday!!!