I am working on the 6th iteration of my gun system for my game, and was wondering how everyone else gets their guns to fire the second a user clicks the mouse, I am already aware that the shot is fired in the local script first then the data is sent to the server to show for other players, but I’m wondering how to do that effectively.
You could fire the shots on the client, handle hit detection on the client, and fire to the server every time you hit someone.
Make sure to account for exploiters though.
Something like this:
UIS.InputBegan:Connect(function(input, gp)
if gp then return end
if input.UserInputType == Enum.UserInputType.MouseButton1 then
gunModule:Fire(true) -- start firing the gun
end
end)
UIS.InputEnded:Connect(function(input, gp)
if gp then return end
if input.UserInputType == Enum.UserInputType.MouseButton1 then
gunModule:Fire(false) -- stop firing the gun
end
end)
-- In the module script
function gunModule:Fire(mode)
GunEvent:Fire(mode)
-- Handle firing bullets and hit detection with firing to server for dmg every time bullet detects hits
-- i.e. require(game.ReplicatedStorage.Modules.GunModules[weaponName]):FireWeapons(currentWeaponYoureUsing, mode) does all the handling for firing bullets
end
-- In server script
GunEvent.OnServerEvent:Connect(function(player, mode)
local char = player.Character; if not char then return end
-- find out what weapon they're using
local wep = GetPlayersCurrentWeapon(player)
for _, otherPlayer in next, game:GetService"Players":GetPlayers() do
if player ~= otherPlayer then
GunEvent:FireClient(otherPlayer, wep, mode)
end
end
end)
-- In a client script
GunEvent.OnClientEvent:Connect(function(weaponChoice, mode)
local module = require(game.ReplicatedStorage.Modules.GunModules[weaponChoice.Name])
module:FireWeapons(weaponChoice, mode)
end)
Really rough pseudo-code… but this is how I would handle it.
4 Likes
Thanks, this will work, I didn’t think to handle the hit detection on the client, although now I feel slightly silly for not realizing sooner, thank you! I think I have a way to keep exploiters from abusing this too
1 Like
Don’t do this. This is very insecure. Instead, fire a “mock” bullet on the client that plays the sound/flashes/whatever else for instant feedback to the player’s clicks but actually register the hits and deal damage on the server.
9 Likes
This isn’t a very good model to follow, though. For example, the bullets you’re firing on the client wouldn’t coincide with bullets being fired on the server, resulting in a feeling of “bad hitboxes”
2 Likes
No no don’t do that. Thats exactly how latency becomes an issue.
1 Like
This shouldn’t be an issue as players are far more likely to blame the lag than bad hitboxes. In this case, it really would be a lag issue for missing. Your system both makes lagswitching and aimbot incredibly powerful which is a much worse experience than missing a few shots from lag.
3 Likes
I think you should go with @posatta solution. Rouge’s is far too easilly exploitable and it will have to make loop holes to fix.
You could also try sending mouse position of the user who fired the gun to the server and have the server handle the bullet, this will decrease latency, however the user may hit a user on their screen and it may possibly “not hit” which may result in them thinking the game is busted. This is a low latency solution but i will cause bad gameplay so not worth it.
Main point, there is not really a perfect way to approach this without some problem. Posatta’s method may be the most preferable.
4 Likes
I disagree with your statement 100%. The number of legit players outnumber exploiters greatly, so you’re affecting more players negatively by prioritizing the security of the hit detections. Shooters are one of the VERY FEW scenarios where I’d sacrifice security for a better game play experience. I’m also pretty sure that most, if not all of the successful shooters on the front page use client-side hit detection.
I was able to find an old post by @AxisAngle made in 2015 where he mentions Phantom Forces using client-side hit detection (So it may not be up to date!?!?!?)
https://devforum.roblox.com/t/client-server-bullet-rendering-synchronization/20214/7
I’m not an expert on Roblox shooters though, so don’t take my word for it.
3 Likes
Phantom Forces has since then moved hit detection to the server due to a mass influx of exploiters using kill all. I’d say having a secure shooter would prove to be the better experience. I’d rather play a game where a few of my shots miss instead of a game where one person is mass killing the entire server.
9 Likes
You have the choice of not playing with exploiters, missing shots that are obviously hitting your target is wayyyyyy worse in my opinion. Poor hit detection is a major complaint in most games, especially in competitive shooters (CSGO and Overwatch for example).
@regularwolf This is bad, you should sacrifice some experience for security. If you’d rather sacrifice security for a better gameplay experience, you’ll most likely end up sacrificing more gameplay experience. The exploiting community has grown and once someone finds out the vulnerability with game A, other exploiters will eventually swarm game A and start taking advantage of the vulnerability. Users can’t choose to “not play with exploiters”. Not only is this very bad for gameplay experience and very annoying, but they’ll also most likely end up in another server that an exploiter will be in/eventually join. The developer though can surely choose to prevent exploiters from ruining others gameplay experience.
I’d go with posatta’s method as you should always take account security and it still offers immediate response for the client. There’s also the FastCast module by EtiTheSpirit though I haven’t tried it out, might be a similar concept.
3 Likes
I never said to completely ignore security if you thought that was what my post was saying. Sanity checks on the server should still be done, but the client should be the one to call hit detection. From my experience in multiple FPS communities, the major concern for those communities were inaccurate hit detection rather than exploiting (Which can easily be solved by joining a different server).
The client and the server see players from a different perspective which leads to very wonky game play due to the difference in latency. If a client observes their bullet hitting a player, the server should be notified that the target player has been hit.
When you have games with servers that support 30+ players spamming full automatic rifles, that’s where performance will definitely affect not just game play, but also affect the performance of the entire game. You definitely don’t want your entire game to be slowed down by one single area in the game do you?
It’s not a very good idea to ruin the experience for every single player in the game just to ensure that hits are 100% secured, especially when those hits aren’t even accurate to begin with.
You could still argue that exploiters are a major concern, but doesn’t every successful shooter have exploiters anyways? I personally wouldn’t play any shooter that registers my hits only 10% of the time.
You forget that the “easily solved by joining a different server” solution doesn’t apply if there is a mass amount of exploiters in the game. Take Counter Blox as an example, they have client sided hit detection. You are able to mass kill, hit through walls and whatnot. You can votekick them or switch to a new server but not long after that a new exploiter will join the fray. (Counter Blox doesn’t bar you from the server you got kicked from unlike Phantom Forces (iirc)).
2 Likes
Would you play a competitive shooter that uses Murder Mystery 2 guns just because they are 100% secured?
If I recall, I never had any hit detection problems during any of the times that I have played Murder Mystery 2.
3 Likes
You are one of the very lucky sheriffs and I envy you for that. Murder mystery 2’s hit detection usually isn’t accurate at all, but it gets a pass since it’s not meant to be a competitive shooter.
Since this is starting to get off topic, let’s go back to the OP’s original question. This section of the forum isn’t meant for arguing.
Client-side handling is the best method for the OP’s question regardless of whether you decide to use client or server side hit detection.
Yes, handling visuals should be on the client while handling hit detection and such should be on the server for the most secure and user-friendly gun system
Not handling hit detection on the server is like saying
“hey exploiters free game to cheat on xDexD”
There are many ways to deal with latency and “bad hitboxes” I actually made a project of my own and was able to accomplish all of those things. It’s possible but you have to know what you’re doing 
The way i have it set up, hit detection will for the most part be handled by the server, i think im going to go with recording 5 seconds of movement (not from every step of course) and kind of “rewind” to the timestamp from when the shot was fired, and then send the raycast from where the gun’s barrel was (and with bullet calculation of course, such as bullet drop) to see if the shot was actually possible, if so it will inflict the proper damage, i really appreciate all of you helping me and i have a much better understanding of this now!
If online sources are to be trusted, the hit detection for Battlefield 4 (and I’m assuming more games in that series), COD, Splatoon 1/2, and PUBG implement bullet hit detection client-side. Even Roblox games such as Attrition, Phantom Forces, and Q-CLASH handle hit detection client-side.
I know of a few games, such as TF2 and CS:GO, which do hit detection server-side, but implementing it in a way that doesn’t ruin gameplay takes a lot of work.
I would recommend just detecting hits locally, and doing checks server-side (e.g. make sure there’s a direct line-of-sight between the shooter and the point of impact, make sure the player isn’t dumping their entire magazine in one burst, etc.)
8 Likes