I'm trying to figure out how I let server owners edit their config without having to leave the game. I know the basic concept or at least i think I do.
1. Keep a clientside version of the config
2. When changes are made send to the server
3. Overwrite all previous data from the old configs with the new info. both clientside & serverside
I have absolutely no clue on how to program this though. All help is greatly appreciated!
Net messages & using file.write in the data folder(where your config will be kept) -- dangerous doe if someone exploits it.
[QUOTE=whitestar;50151120]Net messages & using file.write in the data folder(where your config will be kept) -- dangerous doe if someone exploits it.[/QUOTE]
Is there a more secure way to do it, or make it hard for someone to exploit?
Addons users you mean people that are using your addon (server owners).
Then you can just make a nice gui or just console command with sufficient checks and net message and update the config with the data you got.
[QUOTE=MexicanR;50151136]Is there a more secure way to do it, or make it hard for someone to exploit?[/QUOTE]
check serverside if the sending player is in a specific usergroup (wich has to be added in the config in a subtable first time as example, superadmin).
Also make sure you check the data being written to make sure it's expected. I was going to suggest SQL data storage as an alternative, but same applies.
Just in all circumstances just make sure what the client has changed, the server recognizes as a valid change.
[editline]17th April 2016[/editline]
Simple example, if you had a Boolean - true or false - when it hits the server, check it is either true or false before adding to the config - very simple example. Make sure they haven't put bananas or something. But in Boolean circumstances you'd use a tickbox anyway.
Talked over Steam, we discussed using JSON to store the data and retrieve on server start into a Lua table, allowing the Lua table to be written back as JSON on config change.
Any input is appreciated, as I know data handling, but not Lua security well, so if there's something major I've missed in the way of exploits just say.
[CODE]-- Check if the json config exists, if it doesn't, write the empty tables in lua to the file as a starting point - this will avoid the need to have the txt file already.
-- If it does exist, it'll copy the existing config to the default table, overwriting it.
hook.Add("Initialize", "CheckConfigExistance", function()
if !file.Exists( 'ras_config.txt' ) then
file.Write( "ras_config.txt", util.TableToJSON( RAS.Config ) )
else
local data = file.Read( "ras_config.txt" )
RAS.Config = util.JSONToTable( data )
end
end
-- This is how you use your config - as normal with Lua tables.
if RAS.Config.One.Enabled then
-- blah blah blah
end
-- This is how you'd change a config value and update the file, ready for next restart.
function SetOneEnabled( bool )
RAS.Config.One.Enabled = bool
file.Write( "ras_config.txt", util.TableToJSON( RAS.Config ) )
end
RAS.Config = {}
RAS.Config.One = {}
RAS.Config.One.Enabled = true
RAS.Config.Two = {}
RAS.Config.Two.Int = 1[/CODE]
Sorry, you need to Log In to post a reply to this thread.
