I entered it in the terminal of glitch. Where do I have to enter it?
When I go to my site, it says
{"error":"Server configuration error: Error: No cookie supplied and no cookie file available."}
What is wrong?
As the error says, the site canât find your cookie because it doesnât know the correct file that it is in. Is your cookie in config.json? Or did you move it into the .env?
It is in config.json.
30 charss
Here is my side bar
Is it that I didnât add the _|WARNING:-DO-NOT-SHARE-THIS.âSharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items| in the cookie?
Edit: It was! Mines fixed.
Youâre trusting the client way too much in your example code. You can check if the user owns the gamepass on the server when they join and you can also use https://developer.roblox.com/en-us/api-reference/event/MarketplaceService/PromptGamePassPurchaseFinished to check for when they purchase it on the server.
Otherwise, an exploiter could easily just fire the remote and promote themselves to the rank right under the bot. Iâd advise also adding a maximum promotable hardcoded range by checking the playerâs rank before allowing to promote this can prevent a lot of abuse by keeping them within an acceptable range that you donât have to worry about.
I quickly made a better example
Client Button
local MarketplaceService = game:GetService("MarketplaceService")
local Players = game:GetService("Players")
local LocalPlayer = Players.LocalPlayer
local GamepassId = 0000000
-- Would also use .Activated to allow mobile devices to activate the button innstead of just mouses.
script.Parent.Activated:Connect(function()
MarketplaceService:PromptGamePassPurchase(LocalPlayer, GamepassId)
end)
Server
local MarketplaceService = game:GetService("MarketplaceService")
local Players = game:GetService("Players")
local Server = require(path.to.Server.module)
local GroupId = 000000
local Gamepasses = {
{
RankId = 30,
Id = 000000
},
{
RankId = 50,
Id = 000000
}
}
MarketplaceService.PromptGamePassPurchaseFinished:Connect(function(Player, GamepassId, wasPurchased)
if wasPurchased then
for _, Gamepass in pairs(Gamepasses) do
if Gamepass.Id == GamepassId then
if Player:GetRankInGroup(GroupId) < Gamepass.RankId then -- We don't want to demote them, but idk why they'd buy a lower rank...
Server.SetRank(GroupId, Player.UserId, Gamepass.RankId)
end
end
end
end
end)
Players.PlayerAdded:Connect(function(Player)
-- Less than the rank you're about to promote them to otherwise :shrug:
local HighestRankId = 0
for _, Gamepass in pairs(Gamepasses) do
if Player:GetRankInGroup(GroupId) < Gamepass.RankId and MarketplaceService:UserOwnsGamePassAsync(Player.UserId, Gamepass.Id) then
HighestRankId = HighestRankId < Gamepass.RankId and Gamepass.RankId or HighestRankId
end
end
if HighestRankId > 0 then
Server.SetRank(GroupId, Player.UserId, HighestRankId)
end
end)
The example usage is not meant to be used line for line in game, as it is merely meant to show that the outcome of this tutorial can allow you to rank a player if they own/buy a gamepass.
Thank you for your contribution, I will add your improved code into the example usage section.
Tysm! This can be useful in many different ways! I owe my life to u
Thanks for the tutorial, That really helped me!
GlitchAPI is a simple API, it is easy to exploit sometimes, people make âxenâ codes or encrypted code to exploit these type of systems and I donât recommend using it until Glitch gets their act together. Exploiters can easily give themselves free ranks.
(Credit to @e7c)
Yes, this has been mentioned multiple times in previous replyâs. These replyâs also give suggestions of other hosting services.
Where do you add this script into? and âpathâ is an unknown variable.
I have a question about this, for the âserverâ script under Part 4, were do I put the script?
If you read the tutorial properly, the Config and Server script goes inside the Main Script.
Would it work if I created a bot account that could change group ranks in my groups so if the Glitch thingy got hacked, it wouldnât expose my real .ROBLOSECURITY code?
Yes, and you should. Never use your main ROBLOX account, or any account that you donât want to lose, with the security cookie.
Yeah, I definitely agree. Putting you .ROBLOSECURITY cookie is extremely dangerous and can be daunting. Exactly what I thought in my mind. If they had a data breach, imagine how badly this would impact our accounts and confidential information.
Not those scripts, I am talking about the Server script on PART 4.
Thatâs exactly what i said so read it again
He means the part with the Client Button and Server.