client script security


Hi, I'm developing a roleplay gamemode, and I wanted to write a player needs system (eating, sleeping, ...).

I can make a timer on the server side that decreases these variables for the player, or make the timer on the client side that decreases these variables on the client side, and before the player disconnects I will send the data to the server. The second approach is more efficient for server performance, but is it safe? Can a player change client-side variables?

Link to comment

Anything that is run client-side can be altered no matter how you try to prevent it. You can always make it less probable, but it can still happen regardless of what you do.

I would rely on the client as I have not seen many injections happen while I have been playing on servers, but it really depends on if you trust your players. If you do not, then just do it server-side and your problem is solved, though it is worse on behalf of performance, just a tiny bit though. Just use one timer and do the stuff for all clients at once but make sure to slow it down, so you will not run 100 simultaneous tasks, which will cause sync delays or freezing as the server processes the data. Of course simply altering table values will not cause a freeze. And do not take it as if timers are bad code; timers are there for a reason and if you cannot find any other way to time something, then just go for it. Timers are native code and work efficiently, and honestly I like timers, they are great when used accordingly.

It would be another story if you had a timer doing the exact same thing on all clients - that is inefficient and will cause performance drops server-side as it has to calculate each timer individually, when you could have just one run it for everyone.

As Bonsai mentioned below, you can use element data to make it more secure. As you are altering a value with a static pre-defined amount, it should be possible to calculate maximum (and minimum) offsets. So if you send the new data to the server, the server calculates if the previous and current data match the amount it should have given the client, then it lets it go through, or if the offset is way too different, it will raise an alarm about a possible cheat. This should also be compatible with game freezing or temporary problems with packets. If a packet is lost or problems occurred when sending data to the server, it will simply try to send it next time, and repeat until it successfully sends it. The server will calculate the number of times the person would have received a specific amount of points, and then compare it to the amount the client has at the time the server receives the packet. If the point amount is way over the maximum point count, it will cancel it or possibly just reverse to the maximum point count so the player still gets points, but only the amount the player should have in the first place.

So basically the client is only just sending the server a notification that it should check the points against cheating. However, I think constant client-server communication like so is inefficient and a very poor way to make an anti-cheat work. You could just time it server-side and do it to all clients at once, and then keep track of all transactions the client has made during the time. It just needs a lot of testing whichever way you end up doing it, but just so you know (as an example) all games always verify client movement server-side, as otherwise you could use speed hacks to make you move faster than the game allows by default. That is using a constant connection between the client and the server for anti-cheat purposes.

Anti-cheat is a large subject as there are many many ways to accomplish one and another, but hopefully this helped you out.

Link to comment
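
The bounds check described in the reply above, as an added example that is not part of the thread: plain Lua in which the decay rate, tick length, slack and every function name are assumptions chosen for illustration. In an MTA resource `nowMs` would come from `getTickCount()` on the server, never from the client.

```lua
-- Added example (not from the thread). All names and rates are assumptions.
local DECAY_PER_TICK = 1      -- points of hunger lost per tick
local TICK_MS        = 60000  -- the client timer is assumed to fire once a minute
local SLACK_TICKS    = 1      -- tolerance for latency and timer jitter

local state = {}  -- player -> { value = server's figure, at = baseline time in ms }

local function register(player, value, nowMs)
    state[player] = { value = value, at = nowMs }
end

-- Changes the server itself grants (eating, sleeping) go through here,
-- so a client report never has to justify an increase.
local function applyServerChange(player, delta)
    local s = state[player]
    s.value = math.max(0, math.min(100, s.value + delta))
end

-- Returns the value the server keeps and a verdict string.
local function validateReport(player, reported, nowMs)
    local s = state[player]
    if not s then return nil, "unknown player" end
    if type(reported) ~= "number" or reported ~= reported then
        return s.value, "rejected"            -- not a number, or NaN
    end
    -- Whole ticks since the baseline; a lost report just makes this larger.
    local ticks    = math.floor((nowMs - s.at) / TICK_MS)
    local expected = math.max(0, s.value - ticks * DECAY_PER_TICK)
    local slack    = SLACK_TICKS * DECAY_PER_TICK
    local verdict  = "ok"
    if reported > expected + slack then
        verdict = "too high"                  -- candidate for a cheat alert
    elseif reported < expected - slack then
        verdict = "too low"
    end
    -- Never keep more than the server's own figure, so slack cannot accumulate.
    local lowest = math.max(0, expected - slack)
    s.value = math.max(lowest, math.min(reported, expected))
    s.at    = s.at + ticks * TICK_MS          -- carry over the unused part of a tick
    return s.value, verdict
end

-- Constructed reports: an honest one, one after two lost packets, a tampered one.
register("alice", 100, 0)
print(validateReport("alice", 99, 60500))
print(validateReport("alice", 96, 240800))
applyServerChange("alice", 2)                 -- meal granted by the server
print(validateReport("alice", 100, 300900))
```
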
  • Moderators

First.

serverside + lightweight_sync your (eating, sleeping, ...) data = Secure, client performance.

Never do:

before the player disconnect i will send the data to the server.

Because of: client crash, connection timeouts, packet loss, server crash, "onResourceStop" and anything else that might cause miscommunication.

Link to comment
That's what I'm doing right now; I will make a server-side variable and a timer (5 min interval) to sync data with the client.

Link to comment