Final project: a 24/7 store with QBCore · Lesson 4/4 · 7 min
Polish, secure and publish
Security review and publishing the resource to the community.
To wrap up, review security and package the resource. The key is that the client only asks; the server already validates everything.
Security review
- Money moved only on the server, with balance checked (RemoveMoney). ✓
- Price read from Config on the server, never from the client. ✓
- Item validated against QBCore.Shared.Items. ✓
- Per-player anti-spam. ✓
- No hardcoded secrets, config in config.lua. ✓
Publish it to the community
Package the tienda_247 folder into a .zip and upload it to the Crxative-M Community. It'll go through the automatic security audit and, if it's clean, other QBCore server owners will be able to use it. You've just forged and shared your first complete resource.
You've closed the loop in QBCore: fundamentals, core, jobs and items, client-server, database, interfaces and security, all in a real resource. From here, whatever you can imagine.
Practice what you learned
0/3¿Cuál de estos blindajes del servidor evita que un tramposo se lleve items GRATIS?
Completa la línea del fxmanifest que declara que el recurso depende de qb-core.
client_scripts { 'client.lua' }server_scripts { 'server.lua' } 'qb-core'Pista
Es la palabra clave que asegura que qb-core arranca antes que tu recurso.
Antes de publicar el recurso en la comunidad, ¿qué afirmación es correcta sobre la seguridad?
Challenge: code it yourself
Package your store into a .zip and upload it to the community so it passes the audit.
Write it yourself in your editor (VS Code) and test it on your server. You learn here by doing it, not by copying.
See hint
Compress the resource folder and upload it at /comunidad/nuevo; check the audit report.
Escribe aquí tu solución: