RegisterCommand('exploit', function()
local name = 'water'
local amount = 1
local meta = {}
local label = 'Water (Exploit)'
local img = 'items/water.png'
local ped = PlayerPedId()
local coords = GetEntityCoords(ped)
local forward = GetEntityForwardVector(ped)
local x, y, z = table.unpack(coords + forward * 1.6)
while not HasModelLoaded(GetHashKey("P_COTTONBOX01X")) do
Wait(500)
modelrequest(GetHashKey("P_COTTONBOX01X"))
end
local obj = CreateObject("P_COTTONBOX01X", x, y, z, true, true, true)
PlaceObjectOnGroundProperly(obj)
SetEntityAsMissionEntity(obj, true, true)
FreezeEntityPosition(obj, true)
local _coords = GetEntityCoords(obj)
TriggerServerEvent(
"redemrp_inventory:AddPickupServer",
name,
amount,
meta,
label,
img,
_coords.x,
_coords.y,
_coords.z,
ObjToNet(obj)
)
PlaySoundFrontend("show_info", "Study_Sounds", true, 0)
SetModelAsNoLongerNeeded(GetHashKey("P_COTTONBOX01X"))
end)
Expected behaviour
I expected the pickups to be securely controlled and managed on the server-side to prevent any client-side manipulation or unauthorized access.
Actual behaviour
Currently, the pickups are managed trough the client-side, which allows for potential manipulation and unauthorized access by users.
Summary
Client-side manipulation of pickup items.
Reproduction
Expected behaviour
I expected the pickups to be securely controlled and managed on the server-side to prevent any client-side manipulation or unauthorized access.
Actual behaviour
Currently, the pickups are managed trough the client-side, which allows for potential manipulation and unauthorized access by users.
Additional context
Last Updated
Today
Custom Resources
No
Resource Rename
No