ESX Code to give me or other players money

youtecstuff · November 24, 2021, 4:48pm

Hi, I’m a new developer and I’m started on my first big project I want to make an admin menu and for this I need the code to give me or any other money (trigger, code, and textbox) I’m German so sorry for my bad English. If you want to help me I can send you the Code from the menu for this

thibaultD · November 24, 2021, 5:34pm

Hey !
Check the ESX doc, you’ll find all the usefull ESX related methods for your project

https://esx-framework.github.io/es_extended/server/xplayer/functions/addmoney/

For example, to give the player money you just use the addMoney() function server side :

local moneyExample = 100
local xPlayer = ESX.GetPlayerFromId(source)
xPlayer.addMoney(moneyExample)

Peace

youtecstuff · November 24, 2021, 7:32pm

I didn´t work, in the client.lua i have :
if data.current.value == ‘bankmoney’ then
TriggerServerEvent(“Admin_giveCash”)
end
And in the server.lua :
ESX = nil

local moneyExample = 100

local xPlayer = ESX.GetPlayerFromId(source)

RegisterServerEvent(‘Admin_giveCash’)

xPlayer.addMoney(moneyExample)

end)
But it didn´t work
Pls Help

thibaultD · November 24, 2021, 7:44pm

Server side code :

Client side code :
screen87

titanium · November 25, 2021, 12:17am

You should never let any client-side code and/or server event do that. There are numerous ways a user can attempt to abuse such a thing and set the value they want.
This is a really bad practice that should be avoided at all costs.

AGW_Ismael · November 25, 2021, 11:49am

You are not checking if the player triggering the event has any sort of ACE permission at the very least. Anyone could trigger that event with any value they want.

youtecstuff · November 25, 2021, 12:23pm

That was not that what I asked, this I’m doing my self

youtecstuff · November 25, 2021, 6:16pm

i have then the error in server.lua attempt to index a nil value (local ‘xPlayer’) , i cant fix it

thibaultD · November 25, 2021, 6:20pm

Yeah I always forget to do a “security” check, It came to my mind when @titanium mentionned it.
Using something like IsPlayerAceAllowed() . But at the same time I was wondering : I’m aware and I understand why people can forge event triggers if they want to, but isn’t it possible to tamper the source value too in ? In wich case checking if they have the ACE permission wouldn’t prevent it no ?

AGW_Ismael · November 25, 2021, 9:26pm

You are declaring the xPlayer outside of the server event’s scope.

AGW_Ismael · November 25, 2021, 9:43pm

I do not believe it is possible to spoof the source passed to server events using conventional cheating methods

youtecstuff · November 26, 2021, 6:38am

Can you say me how to do that ?

AGW_Ismael · November 26, 2021, 6:41am

This was already addressed by thibaultD one post after yours. While extremely unsecure, the syntax is correct and should work.

system · December 26, 2021, 6:42am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.