ReplayMod

Replay Mod Forums

  1. Home
  2. Feature Requests
  3. [Idea] Custom Spigot Plugin
[Idea] Custom Spigot Plugin
    • User
    • 6 forum posts
    User111
    #1

    Aug 13 15, 07:00 PM | Last edited: Aug 13 15, 07:05 PM

    Well, as you can know, the server doesn't sent the information about other players to the client or sometimes the opened GUIs aren't readable, so what if you do a custom Plugin so the server sends the information by JSON actually it's pretty simple and you can make it work so it appears a Hotbar with the items, and update it on the click of the inventory.
    So you can make a Plugin so this happens and well, this mod is so damn famous so a lot of servers would have it.

    You can make it by sockets or a HTTP tunnel or a Web socket, it's pretty easy :).

    PD: I could help but as you want.

    • User
    • 6 forum posts
    User111
    #2

    Aug 13 15, 07:00 PM

    Also, sry for my bad English (Isn't my native language)

    • Beta Tester
    • 126 forum posts
    User8
    #3

    Aug 13 15, 10:11 PM

    The problem with that is people would find a way to take advantage of this in hacked clients, and more, so as awesome as that'd be, it would be a great way to give hackers more info like /invsee : /

    • User
    • 6 forum posts
    User111
    #4

    Aug 14 15, 12:11 AM

    Well, I thought about that too but we can encrypt the information and put a lot of security measures.

    • User
    • 18 forum posts
    User81

    in response to User8

    #5

    Aug 14 15, 01:01 AM

    User8
    The problem with that is people would find a way to take advantage of this in hacked clients, and more, so as awesome as that'd be, it would be a great way to give hackers more info like /invsee : /

    Eventually, that could require a unique token that is only generated from the replaymod.com servers each time you log in, same way minecraft works. And so if there is no valid token you can't retrieve information from the plugin

    Well, there's many tricky ways like this but It's sure not simple to do something like this without giving hackers better possibilities.

    • User
    • 6 forum posts
    User111
    #6

    Aug 14 15, 01:03 AM

    Mister well, you have to be carefully and have controll of things but it''s true that this could help alot of people in their videos

    • Moderator
    • Beta Tester
    • 125 forum posts
    User37

    in response to User81

    #7

    Aug 14 15, 08:12 AM

    User81
    User8
    The problem with that is people would find a way to take advantage of this in hacked clients, and more, so as awesome as that'd be, it would be a great way to give hackers more info like /invsee : /

    Eventually, that could require a unique token that is only generated from the replaymod.com servers each time you log in, same way minecraft works. And so if there is no valid token you can't retrieve information from the plugin

    Well, there's many tricky ways like this but It's sure not simple to do something like this without giving hackers better possibilities.

    Also this would add extra load on the Replay Mod servers, which I don't think at this point in time is something we want :p

    • Developer
    • 1883 forum posts
    User10
    #8

    Aug 14 15, 10:45 AM | Last edited: Aug 14 15, 10:45 AM

    From a developer's point of view:
    No, there is no way we could prevent such a feature from being abused. Absolutely none. Encryption won't help if the user is the one decrypting it.
    Well, except, when we for example just send the inv data afterwards and therefore when it's of no interest to the gameplay that has already taken place. Still this could be abused in e.g. longer running games (your standard survival server) where you are allowed to disconnect mid-game.

    • User
    • 6 forum posts
    User111

    in response to User10

    #9

    Aug 14 15, 09:21 PM | Last edited: Aug 14 15, 09:37 PM

    Spoiler: Quote

    Well, if you know What you are doing there's no way a server gets overload.

    Spoiler: Quote

    Well, I'm a developer too, and yes there's a lot of ways this can be secured and you are giving a great Idea that it sends the information at the disconnect/match over.
    Edit: (The problem here, is that this information can use a lot of space so It would had to be short periods)

    • Developer
    • 1883 forum posts
    User10

    in response to User111

    #10

    Aug 14 15, 09:31 PM

    Spoiler: Quote

    I do not think that's a great idea. It has too many flaws (e,g, what happens on a network disconnect? what about servers that allow you to reconnect? the server would have to keep all the changes happening to every inventory during the player's session somehow saved, multiply by 150 players that might only disconnect every 2h on average).
    Actually that's the only way I can think of (somewhat securing this), could you describe a few more ways of actually securing it?

    • User
    • 6 forum posts
    User111
    #11

    Aug 14 15, 09:33 PM | Last edited: Aug 14 15, 09:34 PM

    Yeah, after all this discussion I started thinking in all the problems it would carry, but It's a great Idea, there needs to be another way :/
    EDIT: Mostly in the memory part so it keeps all the information of the Player until it ends or a very very very secure way to actualize the information, but It would be very laggy with 400 ppl.