Graal Forums  

Go Back   Graal Forums > Development Forums > NPC Scripting
FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
 
Thread Tools Search this Thread Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 09-01-2017, 09:34 PM
maximus_asinus maximus_asinus is offline
RIP DarkCloud_PK
Join Date: Oct 2001
Location: Canada
Posts: 3,743
maximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond repute
Addressing Security inside NPC?

How secure are attr[] values from a memory editor? I'm defining them serverside and using them to sync data between the server and client. I'm wondering if because of their nature, will a player running a trainer be able to redefine these values?

A stripped down version of my script:

PHP Code:
// level NPC
function onCreated() {
  
this.attr[1] = ITEM;
  
join("CLASS");

PHP Code:
// class NPC
function onActionCHECK() {
  
addweapon(this.attr[1]);
}

//#CLIENTSIDE
function onPlayerTouchsMe() {
  
// triggeraction CHECK

As you can see, IF this.attr[1] is accessible by a trainer then the player could inject code to give himself any item on the server.
__________________
Save Classic!
Reply With Quote
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 12:00 AM.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2023, vBulletin Solutions Inc.
Copyright (C) 1998-2019 Toonslab All Rights Reserved.