While reading posts about preventing exploits, I’ve seen people talk about “sanity checks”.
I couldn’t find anything when I Googled it, so hopefully one of you can help me understand.
Note: This is my first post on the devforum, sorry if it’s a bit sloppy.
Checking with the Server, Verifying on the Server, Checking if something is legit.
Let’s say you need $100 to buy item A: you send a remote to the server, and the server checks if that player has enough money, then gives that player item A.
I advise that you check both on the server and client.
Server checks are there to prevent cheaters, exploiters.
Client checks are there to prevent unnecessary events from firing to the server.
Jokes aside, you’re checking whether the values of your variables are sensible and/or expected. For example:
I have this client script:
```lua
showMessage("Type a number between 1 and 5")
doSomeStuff(getNumberTyped())
```
The expected value is between 1 and 5, so we do a sanity check to verify the number is, indeed, between 1 and 5:
```lua
local function doSomeStuff(number)
	if typeof(number) == "number" and number >= 1 and number <= 5 then
		-- do stuff
	else
		error("gib number between 1 and 5 pls :c")
	end
end
```
This is especially useful when stopping exploits as you can check that the player has enough money to spend an item, or has the item they’re trying to activate, in their hand.
Sanity checks are a way you can authenticate events such as Remote Events. You can use the parameters in a function to determine if that function is within reasoning to be functioning. This can combat against exploiters and cheaters who try to do things which they shouldn’t do.
Making checks or doing sanity checks stops this from happening. Essentially, you could call it making your code smarter so it doesn’t do silly things.
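
The $100 purchase discussed in this thread, as an added example that is not part of any poster's reply: a server Script that treats every RemoteEvent argument as untrusted and looks up the price itself. The names BuyItem, ITEM_PRICES, ItemA and the leaderstats Money value are assumptions made for illustration.

```lua
-- Added example (server Script). BuyItem, ITEM_PRICES, ItemA and the
-- leaderstats "Money" value are assumed names, not from the thread.
local ReplicatedStorage = game:GetService("ReplicatedStorage")

-- Prices live on the server; the client only names the item it wants.
local ITEM_PRICES = { ItemA = 100 }

local buyItem = Instance.new("RemoteEvent")
buyItem.Name = "BuyItem"
buyItem.Parent = ReplicatedStorage

-- Pure sanity check: returns the price when the request is sensible,
-- otherwise nil plus a reason string.
local function validatePurchase(itemName, balance)
	if typeof(itemName) ~= "string" then
		return nil, "item name is not a string"
	end
	local price = ITEM_PRICES[itemName]
	if price == nil then
		return nil, "unknown item"
	end
	if typeof(balance) ~= "number" or balance < price then
		return nil, "not enough money"
	end
	return price
end

-- The first argument is always the player who fired the remote (supplied by
-- the engine); everything after it comes from the client and is unverified.
buyItem.OnServerEvent:Connect(function(player, itemName)
	local stats = player:FindFirstChild("leaderstats")
	local money = stats and stats:FindFirstChild("Money")
	if not money then
		return
	end

	-- Read the balance from server state, never from a client argument.
	local price, reason = validatePurchase(itemName, money.Value)
	if not price then
		warn(("Rejected purchase from %s: %s"):format(player.Name, reason))
		return
	end

	money.Value = money.Value - price
	-- Grant the item here, still on the server.
end)
```

A client-side check before firing the remote only saves a round trip; the server handler above is what actually decides whether the purchase happens.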