Running a function on server from client with args.

Hey FP,
Instead of using the exploitable console commands for a gamemode to set the teams, is there any other way of getting the client to run a server-side function to set teams with arguments (I.E. Team1, Team2, etc.) without using conncommand.Add?

What I’m doing is on InitialSpawn it opens a menu client-side that lets the client pick a team. Once the team button is pressed it would then run the simple settingteam server-side function with arguments ( ply, teamid ) for use of which player and what team. Since the menu is part of a client-side script it uses LocalPlayer(). I’m wondering if I could do that without console commands, or if I could if theres a way to control it so players cant just set their teams if they know the concommand.


and no, there is almost no way except chat commands that aren’t made with console commands.

No, there is nothing else but console commands. Simply do your security checks serverside instead of clientside.

I might try that, but just for future reference when using datastream.StreamToServer I don’t want to accept all datastreams on the server right?

You can only accept datastreams you registered in your gamemode. Then, yes, you should also be checking if you want to accept it.

The rule is that nothing sent from the client can be trusted.

For your information, datastream uses hidden concommands to stream data to the server.

Concommands are the only way to execute something on the server on a request from a client. Just do security checks.


For instance, for your team things, just make it so the concommand does nothing when you use it when you shouldn’t be able to change teams. That’s really not hard at all to do.

Any suggestions on what I would want to check for? How about when the button is pressed set pl.ChoseTeam or some other variable name to true, would that work as long as its serverside?

It all depends on what you want to prevent, but yes.

Oh really? I mean its a shitty method, but I always assumed you could use this for commands.


That’s a hook that reads “say” console commands, which anyone can send. That’s one of the least secure ways to do it.

I never said it was secure :P, and yeah I now realize that that is just a console command still being run >.<