DataMate - Gain Full Control Over Your DataStores Via The Web

We were recently made aware of an issue that caused this error:

Error: Can’t find project limit

We would like to let everyone who encountered this error know that it has now been fixed. However, due to the error happening in the background during account registration the error would have only come to light when attempting to query the toolbox database (eg: When creating a new project). Due to the issue already being written to the database the issue can’t be fixed itself.

If you encounter this error, please contact support@bulkbrains.com or you can contact me on the here on the DevForum.

The issue was caused by a reliance on the mail client which errored out and the toolbox database was only written to if the email was sent. Therefore your account was created normally but the associated toolbox account wasn’t.

Upon making an account I have access to someone elses invoice for a subscription to your site which contains incriminating information since well its an invoice you might wanna fix that.

if you’re hosting the website wouldnt this be a huge vulnerability for datastores since you can access and possibly modify them?

To be honest with you, there would be ways, however there is no way of offering the same service without the developer of the OpenCloud of the service having access to you datastores. I have been in contact with Roblox OpenCloud Team about having datastores as an OAuth2 endpoint rather than through an API key and I was just told my recommendation was passed on but there are not plans to do so at the moment.

I suppose the whole system runs around trust. I would just recommend making sure to only allow our servers IP as even in the unlikely event of a data breach nobody else will have access to your datastores. I also don’t see why there would be any sensitive information stored in your DataStores but I understand your concern, however I will not lie to you and say it’s impossible for me to view you datastores if I really wanted to and spent the time to do so.

1 Like

I have replied to your issue setting up your game via email. I have also fixed this serious security vulnerability.

For anyone wondering this invoice appearing in the incorrect account has since been fixed. The issue was identified to be an error when authenticating the user who was requesting a result of all their purchases/subscriptions.

1 Like

502 Bad Gateway
nginx/1.14.2

can you fix this?

Hi is this still happening. If it is could you send me a screenshot please?

still happening yes

Ok, I believe what happened is Roblox increased the length of API Keys without informing developers therefore our database had a limit for 255 characters for the API Keys when the new API Keys are almost 1,000 characters long. The issue should now be fixed.

Hello, It works now :smiley:

Thanks for fixing it

1 Like

Hi @icrann .

On the datamate it says [object Object] on the values? can you explain, and tell me what the issue is?

Sorry about that, It was due to the code getting confused when JSON was being stored it is now fixed and JSON is being handled as a string.