Actually after doing some further research on the skill system, I've found and I'm almost ready to call it a bug. I'm going to put something in that logs so I can actually see the data thats being sent, and whats actually being loaded.
The reason it appears to be a bug. Logged in with different clients each producing different results for instance brass instruments and other skills I set in the db in skill_caps are trainable at different levels depending on what client your using. Same with a lot of other skills. It appears as if the server is trusting the client to handle what level all the skills are trained at and never checking to see if the client can actually train them by level.
Something is getting lost in translation. I actually believe its the server loading the skills. Bards to my knowledge have never gained pick lock at level 10. Even on live today still don't. Caps are correct unless you have them 0'd out till X level so when skills are loaded they are set to that level to train. Then they are using (5+(level*5)).
So far titanium is the least bugged client with only 4 skills out of wack. SoD it gets a lot worse.
Odd thing is this line in the code.
Code:
//you can only use your own trainer, client enforces this, but why trust it
I know its just a comment, but it appears we are trusting the client with the whole skill system. Thats bad. I'm not the best coder in the world but I can't find a check anywhere to make sure client can train at x level. There should be something somewhere storing level data a skill can be trained at but I can't find it, or this would be easy to fix. Looks like the skill system got overlooked. Or there is a valid reason why its like this.
If I had a bit more knowledge I'd try to write a hook client side to set the level down I bet I could train every skill at level 1. Well 5 of them at least.
The way skills are loaded looks to need redone.
Really though in titanium its not that bad its only 4 skills. meditate, sense traps, pick lock, and disarm traps. But maybe a dev wants to look into it cause it just seems highly exploitable.