How should I Handle Weapon Data?

Hi,

So right now I’m trying to figure out how I should Handle Weapon Data, My System right now uses ModuleScripts to store the Data Required for them to work, but I’m not sure how if what I’m doing is a good way of Handling it, or if there is another way of Handling it.

Maybe Attributes?
Attributes might make the Process faster, but I’m concerned about Exploiters just changing the Values and ruining the game for people

ValueBase Instances?
ValueBase Instances might have the same effect from the Exploiters.

Right now I have the Modules inside ReplicatedStorage, but I’m not sure if I should place them in ServerStorage, and to have a RemoteEvent get the Data from ServerStorage for the specific Name of the Weapon.
And, The Weapons are Handled on the Client to avoid issues, and to put less on the Server.

What should I do about Handling Weapon Data?

1 Like

If by your current system you mean that you have a table containing all attributes about each weapon types, then that is a perfectly acceptable way of storing that data. In my opinion, there is no need of change at all.

Try all they might, they will never be able to affect the Common Truth (aka the server). As long as the server knows the true attributes of each weapon, changing “The Mighty Sword of Cardboard” to deal 50000 damage won’t do a single thing as it won’t replicate to the server.

First point, what is the point in moving the module to a server-only section? If you need to manually provide that data to the client, then chances are it belongs in ReplicatedStorage.

Aaaaaand that’s your issue. I understand that handling dealt damage on your server might make things a tinge slower, if it causes significant performance lag, you should consider updating the way you handle dealt damage on the server. As you have not mentioned how, I cannot provide any insight on how to help.

Secondly, your current system already is insecure. Changing to ValueBases or Attributes won’t do a thing. An exploiter will hack your scripts and will always be able to hack the amount of damage dealt by the weapon. The only way around this is to handle the damage by the server. I understand this isn’t the answer you want but, as far as my experience goes, it is truly the best and only secure (not necessarily performant) way.

If you have code like this: (psuedo-code)

-- Client
local weaponDamage = 1000

function weaponClicked(otherPlayer)
    otherPlayer:Damage(weaponDamage)
end
-- Server
function Player:Damage(amount)
    self.humanoid.Health -= 1000
end

Change it to this:

-- Client
function weaponClicked(otherPlayer)
    Server:SwingWeapon(otherplayer)
end
-- Server
function Server:SwingWeapon(fromPlayer, toPlayer)
    -- Verify nearness of player (done on both client AND server)
    if (fromPlayer.character.HumanoidRootPart.Position - toPlayer.character.HumanoidRootPart.Position).Magnitude > 20 then return end
    
    local weapon = fromPlayer:GetHeldWeapon() -- This, for example, may come from a module containing attributes about each weapon.
    otherPlayer:Damage(weapon.DamageAmount)
end

Note that some of this is opinionated and you should judge what the best solution is for yourself.

Hope that helps!

3 Likes

The Client handles the Details, and Events that fire like Equipped or Activated, Raycasts are handled by Server, thats what I mean.

Also. I Think I should just reference the Tool when firing the RemoteEvent, so the Server will look at the values instead of just sending data

I know, You act like I dont know this at all, plus my question is something completely different

Sorry, I thought you meant the actual damage is dealt by the server.

If what you mean by details is animations and effects, then yeah, everything should be good.

If you want to use folders and attributes instead of having everything in one module, you can do that! As far as I know, although an exploiter can change this for their own client, it shouldn’t matter as it should only really affect visuals which they probably don’t care about anyway considering they’re hacking the game. As for damage logic, you said that is handled by the server so it is completely secure.

1 Like

So, I Decidied to do this:

  1. require the ModuleScripts that Hold the Weapon Data for each Weapon
    This is so i can easily access it with the Module that loads the Data
    It is Essentially a Module Loader, where Ill have it Iterate through all the Modules before the Game Starts to Store them together and to get Accessed Later.

  2. Have a Module Handle the Main Pieces of Data
    I have a Module that has a DealDamage and GetData function for the Weapons to Use, along with a function to connect a RemoteEvent using the Data when it is retrieved

  3. Use the Server to get the Data for the Tool
    This “should” be somewhat secure since exploiters cannot access the Server Stuff, and the Server Script would be accessing something which does not replicate to the Client. But Within this Script, it will get the Data from the Module, and Apply the Data into the Tool, while the Client Handles the Details.

Would this work??