Hi, delethe these lines cuz they are exploitable through client events ( if someone uses an executor he can trigger your events and ban somone )

RegisterNetEvent('BadgerStaff:NotePlayer') RegisterNetEvent('BadgerStaff:WarnPlayer') RegisterNetEvent('BadgerStaff:KickPlayer') RegisterNetEvent('BadgerStaff:TempbanPlayer') RegisterNetEvent('BadgerStaff:BanPlayer')

By registering events you allow to use them cliently

So looking over this, and I could be 100% wrong but here goes, this looks like an well updated version of the old CADOJRP FiveM Admin Panel (which is what we are currently running) and appears to have some nice new features, mainly what caught my eye was Discord Integration).

Would it be possible to import current data from the CADOJRP admin panel into this database so we could retain all of the previous actions issued as well as playtimes if we change?

I see the config has spots for 4 different staff roles but I was wondering if it will allow for additional in the same way the CADOJRP panel does? We technically have 7 diff staff ranks and 5 diff permission sets (T-Mod, Mod, Admin, SR Admin each have their own progressive sets of power) and Head Admin, Co-Director, and Director all have the same powers. Would I be able to setup all 7 roles so I don't need multiple roles on our senior staff to ensure Co-Directors and Directors have the correct level of access to the panel?

I love the fact this works on Discord Roles as we have been moving most of our permissions for various aspects in game to discord permissions thanks to several other of your amazing resources and this would be one more thing we could change over, I just don't want to lose all of our current data by doing so.

Notice: session_start(): Ignoring session_start() because a session is already active in C:\xampp\htdocs\staff\functions.php on line 2

Warning: Undefined array key "code" in C:\xampp\htdocs\staff\index.php on line 17

Warning: Undefined array key "is-logged-in" in C:\xampp\htdocs\staff\functions.php on line 25

errors i get on the login page

Errors when trying to get to the panel

Notice: session_start(): Ignoring session_start() because a session is already active in C:\xampp\htdocs\staff\functions.php on line 2

Fatal error: Uncaught TypeError: sizeof(): Argument #1 ($var) must be of type Countable|array, string given in C:\xampp\htdocs\staff\index.php:17 Stack trace: #0 {main} thrown in C:\xampp\htdocs\staff\index.php on line 17

The script doesn't rely on a client side, and these events are only called locally on the server (not through net), making the net event registration redundant and opens up for """malicious""" stuff.
The event handlers also do not contain any checks for ACE permissions, allowing any client to potentially kick and/or ban players, and add details to the database.

Removing the net event registration should resolve this.

i am constantly getting the same native error when i am joining my server while badgerstaffpanel-script is started, i have no clue whats going on
i have tried reinstalling the default resource with no success
the website that i set the panel up on seems to work completely fine, just seems to be a problem with the resource (?)
i dont believe im getting any errors through mysql-async either "[mysql-async] [SUCCESS] Database server connection established."

as soon as it tries to load BadgerStaffPanel-Script it sends me that error in console and in fivem it stays on "BadgerStaffPanel-Script: Deferring connection" and then eventually just fails to handshake
all i was really able to gather was that the native points me here https://docs.fivem.net/natives/?_0x406B4B20
it would be nice if i could just get pointed in the direction of what could be causing the issue