Hello, so few months ago i made my melee “system” that can destroy the destructible objects on the map and kill other players, but i recently realized, that it has a big flaw…
How it works is I’m using Camera,ViewportSize (previously used Mouse.Hit.Position) to make a ray from the center of the Viewport to find a part I’m looking at, next, I create another ray from player’s head in the direction of that part with a length of 7 studs, and if I find a part - I send it to the server, and this is the big problem… because if they can just fire any parts, they can destroy everything in no time at all, doesn’t matter i have a magnitude check or not, if they can loop through all the parts, find player head’s and pretty much make an auto-killer.
Local script (not full):
function getMouseAndTargetLocation(cursorPosition)
local viewportPoint = camera.ViewportSize/2
local unitRay = camera:ViewportPointToRay(viewportPoint.X, viewportPoint.Y+36)
local ray = Ray.new(unitRay.Origin, unitRay.Direction * 999)
local hitPart, hitPosition = game.Workspace:FindPartOnRayWithIgnoreList(ray, {char})
---
local origin = char.Head.Position
local direction = (hitPosition - origin).Unit * 7
local ray = Ray.new(origin, direction)
return workspace:FindPartOnRayWithIgnoreList(ray, {char})
end
rswingTrack:GetMarkerReachedSignal("Hit"):Connect(function()
local part, pos = getMouseAndTargetLocation()
if part then
script.Parent.Server_Handle.Dest:FireServer(part)
end
end)
Server (not full):
script.Dest.OnServerEvent:Connect(function(plr,part)
if part then
if (part.Position - workspace:FindFirstChild(plr.Name).Head.Position).Magnitude <= 8 and part:IsDescendantOf(workspace.CurrentMap) then
script.Parent.Boom:Play()
part:Destroy()
elseif part:IsDescendantOf(workspace) and part.Parent:FindFirstChild("Humanoid") then
part.Parent.Humanoid:TakeDamage(part.Humanoid.Health)
script.Parent.Boom:Play()
elseif part:IsDescendantOf(workspace) and part.Parent.Parent:FindFirstChild("Humanoid") then
part.Parent.Parent.Humanoid:TakeDamage(part.Parent.Parent.Humanoid.Health)
script.Parent.Boom:Play()
end
end
end)
How could I make it more secure to exploits? (I know it’s quite messy, feel free to suggest how i can optimize it )
It’s local script because of camera and mouse.
What could i change, or what could I check for in the server script?
I was thinking casting rays from server only, but I can’t send camera object or mouse with RemoteEvent, can I?
The best i can come up with is send the hitPart and hitPosition, and then do the rest on server.