Can people use other players names as parameters for remote events?

What I mean by this is:

myRemote.OnServerEvent:connect(function(playerWho)
print(playerWho)
end)

Being another player am I able to fire this remote event even if it’s not me? what ways would I bee able to prevent this? also I have a gun handler script(calculates the rays and sends back the visuals to all clients) should I put this handler in serverscriptservice or under the startercharacterscripts, worried about things bugging out since it’s only one remote for every player

Any player can fire any remote event as long as it is pointed to that remote event specifically. For your initial question, any type of data (except for instances) can be passed through the parameter.

1 Like

I asked a feew other questions, and Idea or suggestions?

Just use a single remote to be used by all players, I don’t get why you would want to use one remote for every player. Also you want to do things like tracers on the client, not the server, including raycasts.

I just thought it would be more safer to do raycasting on the server, everything else is done on the client

Sorry for not reading the rest of the questions carefully.

what ways would I bee able to prevent this?

I already mentioned that these remotes are fired if you specifically tell the script to fire that remote event, so there shouldn’t be a problem as long as you are not sharing the remote event.

should I put this handler in serverscriptservice or under the startercharacterscripts

ServerScriptService is for scripts specifically made for the server. StarterCharacterScripts are specifically made for local scripts. Now this is only my way of interpreting this, so I’m not sure if the other way around would also work.

It’s just that previous games I have put server sided scripts in the character and they were mainly involving the player interacting with the server so small things pretty much. But if I have the gun handler in the serverscript I wouldn’t know how to prevent people from firing it and not being their name. The only fix I know is putting it in starter character scripts and simply checking if the player parameter is equal to the characters name

While it is your code, Roblox is a place where you’re gonna be immediately liable for ANYTHING controversial, IF, it is legitimately moderated. No one may ever have the chance to read your code. If they do, just be fair, be consenting, and you’ll be ok lol.

1 Like

Thanks for the input… But it’s just for safety measures as not all exploits are down

The player parameter (the first one) will always correspond to the client who sent the remote. In most cases other players can fire any remote (the exception would be where the remote would be selectively replicated, I wouldn’t trust that personally), though the player parameter will always be the correct player and exploiters can’t spoof that.