Then you use an OnClientEnter script to check for their stats and kick them out if they are out of order. If you're using NWNX, it has a nwnx_elc plugin that does all the checks for you, taking into account more custom stuff, and it allows you to plug in additional logic via nwscript (so you keep ELC for e.g. feats, but not stats).
NWN design is that clients are allowed to do _anything_ and it's up to the server to validate it is correct. There's a dozen other ways players can send you bad data that doesn't involve modifying 2DAs - including hand crafting the network packets and sending them to your server. It is _not possible_ to validate this on the client, only the server.
By manipulating local 2das and renaming them, pretty sure it's the classes.2da or something, you can cause the "recommended" button during character generation to give you 255 in everything, so on and so forth.
The fix is to turn ELC on. If you turn it off, it is functioning as designed.
Be this as it may, many servers that implement custom templates using creature skins cannot use ELC.
Hey DM_Djnn, I would love to try this on my server. I've had players in the past give themselves 100 in all stats and I always wondered how they did that. Could you explain step by step how to do it?
I learned a long time ago (when not using ELC or ILR) to basically strip all new characters, check their stats against what a character can make, reset stats and then save the character to the server vault so they can't do any further modifications. I've had many try on purpose to get past this, so far has worked well for 2 decades
Comments
What about fix this ,@beamdog?
NWN design is that clients are allowed to do _anything_ and it's up to the server to validate it is correct. There's a dozen other ways players can send you bad data that doesn't involve modifying 2DAs - including hand crafting the network packets and sending them to your server. It is _not possible_ to validate this on the client, only the server.
Hey DM_Djnn, I would love to try this on my server. I've had players in the past give themselves 100 in all stats and I always wondered how they did that. Could you explain step by step how to do it?