Here I am with a question again. I’ve searched on here and on Google but I can’t seem to find the correct answer. I’m going to explain what I want as clear as possible and would like to know what the best way is to do this.
I have a game, with a shop. This shop sells items that are paid for with coins, which you can gather throughout the game in various ways. I have the coinsystem working perfectly, no problems there. My problem is this;
I want the items that can be bought to be stored securely. So I store them in a folder under ‘ServerStorage’. Now I know the clientGui (the store that should display the items for sale) can’t see them directly from ServerStorage, which is the whole idea. So I also know that once they are bought they have to be cloned to the player.
The problem is however, how do I get the items from the ServerStorage in order to display them, without exploiters being able to ‘grab’ them meanwhile? My initial idea was to temporary clone them to a folder in ReplicatedStorage, then list them (which works!) and then Destroy() them again. That also works, but since you destroy the items, they also disappear from the store.
Long story short (sorry!). What is the best and most secure way to list items from ServerStorage to the client(gui)? Or shouldn’t I place the items in ServerStorage to begin with?
If there already is a topic about this that I’ve missed, feel more than free to list it to me.
Thank you in advance again, you guys are always a great help!
Create all the UI you need for a player who just joined, on the server, which would be buttons displaying items you can buy. Then the client would connect events to those buttons, and could use RemoteEvents to tell the server what they’re trying to buy.
What are these items that must be secure and hidden from exploiters? Why is it important it’s hidden?
What is usually done in these cases is to create views of the items to be sold: these can be flat images, to simple models without scripts, or any other information.
Of course this does not guarantee that hackers will not do theirs (they always find a way), but it makes their life more hard.
So far the most effective weapon against hackers is constant updates.
The reason is that, in the way I see it (which may be wrong) is that as long as the items are in ‘ReplicatedStorage’ someone could clone them in to their own Player. I know that would only be for the session, as I am storing the buy in a DataStore as well, but still.
However, maybe I’m seeing this completely wrong. But I read somewhere when I started this that storing buyable items in ReplicatedStorage was bad practice. However, absolutely correct me when I’m wrong.
That is actually a very smart idea! So basically you’re saying that what to do is create a ‘fake’ representation of the actual item. I never thought of that! I already store the thumbnail image etc, so it would just be a matter of getting the info that I need. Thank you for that!
Yes, an exploiter could clone an item from replicatedstorage to their player. That doesn’t mean it will function in any way. The server does not know about this, therefore it can’t agree that you own that item, so nothing happens.