Data and RemoteFunctions

Thank you.

Clients, can change stuff in game but does not replicate what changed to the Server. Basicly if you are playing sound from local, while filtering enabled, only you can hear the sound. This prevents most of exploits from destroying your game.

Actually sounds are one of the exceptions for FilteringEnabled for legacy reasons. Roblox added a property to SoundService called RespectFilteringEnabled though which makes them behave as expected – this change was made in response to an exploit. A lot of the exceptions to FE have been patched for similar reasons.

Sorry if I’m bothering you. I really appreciate your help. Would having a “Script” in a tool which accesses a folder in “ServerStorage” be exposed to the client?

I don’t know if I should make a new thread. If I should be doing that, can someone let me know?

Yes. Any ‘Script’ anywhere would have access to serverstorage. Inside a player’s camera or inside a ‘Message’ /‘Hint’ created by the client MIGHT be two exceptions since those only exist on the client, but I know that a tool is not an exception here.

ServerStorage is only accessible from the server. I’m saying if I use a variable to get something from the ServerStorage from a Script inside a tool, would it be leaked? I’m only getting it, not changing or parenting or whatever. Just getting something from ServerStorage in a folder. Basically getting data from there and then only using it throughout the “Script” nowhere else (the script is inside a tool which is accessible from the client)

What I am doing: the players roles are in a folder in ServerStorage and the tool the players have, check to see other players roles which the Script checks in ServerStorage in a folder so exploiters don’t know but I don’t know if it leaks that data if the Script is accessible (in a tool) to the client

It’s in a ‘script’ and the values are in serverstorage, so you should be safe. Although, if you need to access client only information for use of the tool, you might have to switch this up and use a ‘LocalScript’. Instead of keeping the values in server storage, you could make a table in a server script and use a remotefunction to retrieve the value. Here’s an example

–Script inside of ‘ServerScriptService’:
local playerRoles = {}
local GetRole = Instance.new(‘RemoteFunction’)
GetRole.Name = ‘GetRole’

GetRole.OnServerInvoke = function(player)
return playerRoles[player]
end

GetRole.Parent = game.ReplicatedStorage

–Local Script inside the player’s tool:
local GetRole = game.ReplicatedStorage:WaitForChild(‘GetRole’)
local role = GetRole:InvokeServer()


This would let you access the role value in a player’s local script without the possibility of exploiters being able to change the value of the role. Although, it would be up to you to populate the ‘playerRoles’ table with the player being the key, and the role being the value. Anyways, that’s all the help I can give you. Good luck

Thank you. Although it isn’t just “client-only” data, that folder is used for every client and the server itself including multiple scripts. It is a server-wide folder