remote:FireServer()
By running the above code in the local script, player data can be transferred through ‘remote’ RemoteEvent.
But I had this idea. If this code runs on a local script, wouldn’t it be possible for hackers to tamper with the player data being transmitted?
yes. just make sure you have server side sanity checks to make sure what the information the client sent is valid in your situation. if not, you can punish them however you want
May I know how to check the ‘player’ data, i.e. how to know if the player really sent the RemoteEvent.
i’m not very confident and technical about this, but you COULD use remote functions for that. when the server gets called, you can use a remote function to call back to the client, and see if the player REALLY sent the RemoteEvent. Then again, i’m not sure if this is totally reliable. i personally do not do this as i think it is a waste of time, and i just do checks to make sure the data is reliable and go on from there.
no
server side sanity checks, under no circumstances trust the client
^^^^^^^ what he said.
char limit