What is the best way to secure a GiveItem function passing through a RemoteEvent?

Help and Feedback Game Design Support
, , , ,
1

Hi everyone! I wasn’t sure if this should be in Scripting Support or Game Design Support so I’m putting it here.

Context:
I have a Script (RunContext: Client) under a ProximityPrompt in a folder named “Essentials” under workspace. In ReplicatedStorage, I have an Events folder with the GiveItem and PayMoney event.

PayMoney is secure enough with checks on the player’s amount of money and seeing if the number isn’t a negative number (To prevent exploiters from calling a negative number on the event and receiving money instead of being deducted money).

What I’m unsure of though is how to secure the GiveItem event, I’ve thought about adding sanity checks but I don’t really know WHAT to sanity check since this event is to be used for not just purchasing items but also for giving items in general when called by the client.

How would you approach this?

Further Context:

ClientSided ProximityPrompt Script:

image
image225×133 6.76 KB

local Price = 10
local ReplicatedStorage = game:GetService("ReplicatedStorage")
local Item = "Bread"

script.Parent.Triggered:Connect(function()
	ReplicatedStorage.Events.PayMoney:FireServer(Price)
	ReplicatedStorage.Events.GiveItem:FireServer("Bread")
	script.PurchaseSFX:Play()
end)

Snippet of the GiveItem Handling on the Server-Sided Main Script:

image
image201×108 5.35 KB

image

local ReplicatedStorage = game:GetService("ReplicatedStorage")

local Events = ReplicatedStorage.Events
local GiveItem = Events.GiveItem

local function GiveItemFunction(Player, ItemName)
	if Player then
		local Backpack = Player.Backpack
		local Item = ReplicatedStorage.Items:FindFirstChild(ItemName)
		if ItemName then
			Item:Clone().Parent = Backpack
		end
	end
end

GiveItem.OnServerEvent:Connect(GiveItemFunction)
2

Solved!

I decided to create my own solution and it seems to work well so I’ll just leave this here for anyone else who could use this as a resource in developing a similar system!

The solution I landed on was to make a nested table system.

Similar to this:

local Items = {
     [ItemName] = {Price = 10, ItemInstance = ServerStorage.Item} -- Where ItemInstance is a reference to wherever you put your item instance to be cloned.
}

GiveItem.OnServerEvent:Connect(function(Player, ItemName, Amount)
     -- Place functionality here
end)

Now, instead of the client handling having to pay, the server does that automatically! All the client has to do is call the server for an item and then the server handles the payment automatically along with giving the item!

And if the client were to ever call for an item to be spawned for free then we can simply change the price to 0 OR if the client has an admin command menu (Like if they are a special administrator) then we can simply give the client money equivalent to the price of the amount of items they’re spawning while they call the GiveItem command to make it seem as if it didn’t cost them anything!

3

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.