Fix a vulnerability regarding character deletion

This will disallow cheaters (anyone with a LUA script executor) from deleting their characters, bypassing the `Config.EnableDeleteButton` setting.
qbcore-framework · Sep 30, 2024 · 772f4f5 · 772f4f5
1 parent 5e8ac7b
commit 772f4f5
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/server/main.lua b/server/main.lua
@@ -140,6 +140,7 @@ end)
 
 RegisterNetEvent('qb-multicharacter:server:deleteCharacter', function(citizenid)
     local src = source
+    if not Config.EnableDeleteButton then return end
     QBCore.Player.DeleteCharacter(src, citizenid)
     TriggerClientEvent('QBCore:Notify', src, Lang:t("notifications.char_deleted") , "success")
 end)