View Single Post
  #1  
Old 09-01-2017, 10:34 PM
maximus_asinus maximus_asinus is offline
RIP DarkCloud_PK
Join Date: Oct 2001
Location: Canada
Posts: 3,729
maximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond repute
Addressing Security inside NPC?

How secure are attr[] values from a memory editor? I'm defining them serverside and using them to sync data between the server and client. I'm wondering if because of their nature, will a player running a trainer be able to redefine these values?

A stripped down version of my script:

Graal Script Code:
// level NPC
function onCreated() {
  
this.attr[1] = ITEM;
  
join("CLASS");

Graal Script Code:
// class NPC
function onActionCHECK() {
  
addweapon(this.attr[1]);
}

//#CLIENTSIDE
function onPlayerTouchsMe() {
  
// triggeraction CHECK

As you can see, IF this.attr[1] is accessible by a trainer then the player could inject code to give himself any item on the server.
__________________
Save Classic!
Reply With Quote