I can understand that in order to prevent tampering on the client side, the client probably simply sends the position of the purchase and the server determines the item and price, but this causes the aforementioned problem. Lag time between the client and server makes this problem worse. The fix is simple: Send the position AND the item type ID to the server, if there is a discrepancy between the client's request and server, deny the request and ask for re-try by user. This prevents tampering and prevents this issue.