Open neves768 opened 7 years ago
pull request #82
The thing is, this can't be done that easy. This can become a potential exploit when storing all the values client-side. Rule N° 1 in anti hacking is don't trust the client. Any ideas on how to secure the tables?
We could make the tables serversided, and generate a new key for every player (maybe based on their serial?), which could look like this playerDynamicTable[getPlayerSerial]. Any changes made by the player should be validated first through checking if the values match (like, if a player eats something, the value of the item he ate will be sent to the server and checked against the value provided in the table for nutritional values. If they do not match, abort further procedure). Since most data sent to the client is just for displaying them (inventory, status icons, ...), we wouldn't have to worry about that in terms of security.
using tables instead of elementData will save a lot of bandwidth and will decrease the chance of server shutdown by elementData exceeding the limit (Adding more players capacity)
the server shuts down because of the amount of elementData exceeding a limit? Never heard that one before 🤔
@1B0Y I saw it on 3 servers In most cases, they have more than 100 players simultaneously
Huh, never knew. Changing everything over from elementData to tables would be a challenge and very time consuming, so you guys need to consider that and whether it'd be worth either updating the current framework we have, or going ahead with the new framework idea me and CiBeR had a few weeks ago.
As a plus, we need to add support for MySQL Tents and Vehicles.
@neves768 are you up for adding Tents and Vehicles to the MySQL System?
@ciber96 only after 14/06/2017 (when I finish my week of exams and start vacations)
Posted by Lawliet (mtadayz) on https://github.com/mtadayz/MTADayZ/issues/26
"I was wondering whether or not we could, somehow, use a mixture of tables and SQL instead of setElementData(). It may sound like that would be a lot of (unnecessary?) work, but since setElementData() is one of the main issues of MTA DayZ (and the strain it puts on both server and clients), it begs the question what alternatives we have.
My idea is as follows: As long as the player is online and playing, everything he does will be done via tables (table.insert, table.remove, possibly table.merge, ...). As soon as he logs out, everything in the tables will be stored in the SQL database (using either dbPoll/dbQuery/dbExec or executeSQLQuery). Once said player joins back, everything in the database will be written back to the tables. Of course, said tables will be clientsided and for the localPlayer only, to ensure no tables are being mixed up."