Manason
commented
3 weeks ago The breaking change that Qbox started with was requiring grades as numbers. However, we could always add a convar that makes it so that bridge returns them as strings.
Open solareon opened 3 weeks ago
Manason
commented
3 weeks ago The breaking change that Qbox started with was requiring grades as numbers. However, we could always add a convar that makes it so that bridge returns them as strings.
solareon
commented
3 weeks ago Agree on the return bit but we do need to fix the input not being sanitized correctly.
Summary
CreateJob/CreateGang don't validate grades are numbers
Reproduction
Use bridge layer with a script designed to add jobs/gangs at run time with qb-core style grades and they are inserted into the job/gang tables with string grade keys vice numeric ones.
Expected behavior
That grades are checked to be numeric before inserting into the table
Actual behavior
The grades are inserted as is without validation
Additional context
The code in question is in
server/groups.luawhich just requires some additional sanity checks before inserting into the group grades table.Unsure if the grade data returned via the bridge layer functions should translate the grades back into strings or if this can be safely ignored.
Current Version
v1.18.0
Custom Resources
n/a