From 772f4f5d6ef269c26c54746e2aeebc5ee62e695d Mon Sep 17 00:00:00 2001
From: Troughy <troughyofficial@proton.me>
Date: Mon, 30 Sep 2024 18:38:45 +0200
Subject: [PATCH] Fix a vulnerability regarding character deletion

This will disallow cheaters (anyone with a LUA script executor) from deleting their characters, bypassing the `Config.EnableDeleteButton` setting.
---
 server/main.lua | 1 +
 1 file changed, 1 insertion(+)

diff --git a/server/main.lua b/server/main.lua
index 9c42e98..2a80244 100644
--- a/server/main.lua
+++ b/server/main.lua
@@ -140,6 +140,7 @@ end)
 
 RegisterNetEvent('qb-multicharacter:server:deleteCharacter', function(citizenid)
     local src = source
+    if not Config.EnableDeleteButton then return end
     QBCore.Player.DeleteCharacter(src, citizenid)
     TriggerClientEvent('QBCore:Notify', src, Lang:t("notifications.char_deleted") , "success")
 end)