So it appears no matter what I do when using Player.Name.tolower(); It becomes highly exploitable. I can create an account and use Motley, Register, Leave, Use a new user name and make it MOTLEY and there is the exploit I can now load admin setting to what ever I want. Heck I could join any server using it and give the cash to my user and I am rich.
Please anyone else that also has dealt with this or mostly LIKED Is there a fix to this issue?
Maybe This is supposed to be in the concept of
else if ( MD5( text ) != Password ) MessagePlayer( "Error - Invalid Password.", player );
And instead get the lowered name? but even FBS and VBS has this stupid exploit(I knew they wouldnt do it wrong). Maybe The squirrel edition needs to be updated?
