Jump to content

Obscuring dynamic field from client?


Tiel
 Share

Recommended Posts

When you set up a multiplayer server, I understand there's a dissonance between what's on the server vs the client. Correct me if I'm wrong, but on connect, a client has objects in the game world 'ghosted' to them, is the word. Following that any game logic should be on the server.


Because if you do, say

 

function serverCmdassignproperty(%thing)
{
%thing.juice="tampa";
}

 

A client attempting to access %thing.juice without calling a server command will not be able to retrieve the string "yes" and Torque throws a warning, at least in my tests.


This seems safe enough...or is it? Are there any circumstances where a client would be able to get %thing.juice without invoking a commandtoserver? Is there anything that should be done further to ensure .juice stays out of the wrong hands?

Link to comment
Share on other sites

Nah, security of that nature is built into the bones. Variable ghosting requires either https://github.com/GarageGames/Torque3D/blob/c83efa59e0a11fc15c68afaf106807643191ac6f/Engine/source/environment/basicClouds.cpp#L219 + https://github.com/GarageGames/Torque3D/blob/c83efa59e0a11fc15c68afaf106807643191ac6f/Engine/source/environment/basicClouds.cpp#L240


or, as it looks like you're intending, an explicit commandtoclient("Foo",%var)+cliencmdFoo(%var) to retrieve data from a server. Anything you tack onto one side of the net connection on the fly stays on that side.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...