karlis Posted March 20, 2010 Share Posted March 20, 2010 yes, with this example you will sync all values what is in serverside script to clientside, and dont do it for resources that have some data serverside that shouldnt be seen clinetside --serverside addEvent("onRequest",true) addEventHandler("onRequest",getRootElement(),function() local vars={} local global=_G for name,value in pairs(global) do if type(value)=="string" or type(value)=="number" then --no need to send tables, userdatas, etc vars[name]=value end end triggerClientEvent(getRootElement(),"setVars",getRootElement(),vars) end) --clientside addEvent("setVars",true) addEventHandler("setVars",getRootElement(),function(vars) for key,value in pairs(vars) if not key then key=value else outputDebugString("\'"..key.."\' variable is already clientside, so it wont be overwritten from server",2) end end end) function onResourceStart() triggerServerEvent("onRequest",getRootElement()) ... end addEventHandler("onClientResourceStart",getRootElement(),onResouceStart) some1 say if something is wrong Link to comment
robhol Posted March 20, 2010 Share Posted March 20, 2010 I don't know if it's wrong, but the concept is idiotic. It's practically opening a door for hackers... and then putting glowing, flashing lights and a huge arrow towards it. Data should be synced on demand, and the client should not be trusted for an uncorrupted version of it. If your client can in any way change something that ends up on the server without validation, let alone actually being SYNCHRONIZED with the server without validation, you have made a huge mistake and a potential gaping security hole. Link to comment
robhol Posted March 20, 2010 Share Posted March 20, 2010 No, no, no! Don't use it, ffs, it's a glaring security risk and a 12yo could hack it - use events. Transfer important data from server to client ONLY. Data on the client's side can be hacked. Link to comment
karlis Posted March 21, 2010 Share Posted March 21, 2010 (edited) i warned its for scripts that have nothing to hack on...he asked, i made some... Transfer important data from server to client ONLY. which exacly the example only does...(correct if im gettin' dumb) besides this resource is definitely BAD idea for scripts that have some numbers/strings that shouldn't be viewed clientside(eg. keywords/passwords) Edited May 11, 2011 by Guest Link to comment
qaisjp Posted May 10, 2011 Share Posted May 10, 2011 Sorry for the bump but keywords and passwords can be md5'ed using md5(string). So instead of if guiGetText(passwordEdit) == getElementData(me, "pass") then use if md5(guiGetText(passwordEdit) == getElementData(me, "pass") then Link to comment
karlis Posted May 11, 2011 Share Posted May 11, 2011 Sorry for the bump but keywords and passwords can be md5'ed using md5(string). So instead of if guiGetText(passwordEdit) == getElementData(me, "pass") then use if md5(guiGetText(passwordEdit) == getElementData(me, "pass") then better still check it serverside. Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now