Back to course
Lesson 30Copy trading build labAdvanced130 min

MQL5 file sandbox and the common-folder copier lab

Learn how MQL5 file permissions work before building a local demo copier that shares provider events safely.

Lesson outcomes

  • Explain the MQL5 file sandbox and FILE_COMMON flag.
  • Design a provider-to-receiver file format for demo copying.
  • Avoid unsafe absolute-path and credential-sharing patterns.

Workshop lab

Complete the demo, notebook, platform, or code task before treating the lesson as finished.

Evidence pack

Keep screenshots, exports, logs, calculations, or code versions in a dated learning folder.

Pass standard

You should be able to explain the failure modes, show your work, and name the stop rule.

Free education, not signals. This lesson is part of EarnSouthAfrica's free forex course. It does not tell you what to buy or sell, it does not promise income, and it should be practised on a demo account before any real-money decision.

A local trade copier sounds mysterious until you break it down. One program records trade events, another program reads those events, maps symbols and risk, then decides whether to place a corresponding demo trade.

MQL5 file access is intentionally sandboxed. That is a good thing. It reduces the chance that an EA can wander around your computer. Understanding the file sandbox is the first step toward building a copier lab safely.

What you should be able to do after this lesson

  • Explain the MQL5 file sandbox and FILE_COMMON flag.
  • Design a provider-to-receiver file format for demo copying.
  • Avoid unsafe absolute-path and credential-sharing patterns.

File sandbox basics

The official FileOpen documentation explains that file work is controlled for security. MQL5 files are opened inside terminal folders, or in a shared common folder when the FILE_COMMON flag is used. Do not design a copier that depends on random absolute paths on a user's machine.

  • Provider EA writes one small event record per trade action.
  • Receiver EA reads only records it has not processed.
  • Every event includes provider account id, symbol, ticket, action, volume, price, stop, take-profit, and timestamp.
  • The receiver must validate age, symbol mapping, spread, max risk, and duplicate status before copying.

Example event format

provider_id=DEMO_ONLY
sequence=1024
action=OPEN
symbol=EURUSD
side=BUY
volume=0.10
sl=1.08000
tp=1.09000
time=2026.05.30 10:15:00

Keep the format boring and explicit. A simple line-based or CSV event is easier to inspect than a clever hidden format. In a free educational project, transparency matters more than mystique.

Safety gates

  • Receiver ignores events older than a defined number of seconds.
  • Receiver refuses symbols not in an approved mapping table.
  • Receiver caps volume and percentage risk per copied trade.
  • Receiver records every accepted and rejected event.
  • Receiver can be switched to observe-only mode where it logs but does not trade.

Academy-grade study plan

A copier is not a secret bot; it is a distributed risk system. A paid-course standard design defines events, permissions, symbol mapping, receiver risk, stale-event rules, duplicate handling, and logs before any demo order is copied.

Course elementWhat you must produce
Primary artifactCopier event contract
Lesson focusMQL5 file sandbox and the common-folder copier lab
Working environmentDemo account, notebook, exported platform data, or local code sandbox. Never live funds for first practice.
Completion standardYou can explain the concept, reproduce the exercise, identify failure modes, and show evidence without relying on a seller's claims.

Instructor workflow

Use this workflow as if an instructor were marking the lesson. The important question is not whether the topic sounds familiar. The question is whether your notes, screenshots, calculations, logs, or code prove that you can apply mql5 file sandbox and the common-folder copier lab under controlled conditions.

  • Design provider output and receiver decisions as separate responsibilities.
  • Keep sensitive information out of event files, API payloads, and logs.
  • Make receiver-side risk controls local so a provider or server fault cannot force unsafe size.
  • Test event rejection as carefully as event copying.

Worked case study: Receiver rejects a dangerous provider event

A provider event arrives late, maps to a symbol with a different suffix, and implies too much risk for the follower account. A weak copier copies anyway. A professional receiver logs the event, rejects it, explains why, and leaves the account unchanged.

After reading the scenario, write the decision you would make before checking the suggested workflow above. Then compare your decision with the operating model. The gap between those two answers is the part of the lesson that deserves another demo repetition.

Professional template

Complete this template in your own notebook. A paid course would normally hide this kind of operating document behind worksheets; here it is part of the free lesson.

FieldStandard
Event fieldProvider id, sequence, action, symbol, side, volume, stop, take-profit, timestamp, and version.
Receiver mappingLocal symbol, contract check, lot step, max volume, and account-risk calculation.
Rejection ruleToo old, duplicate, unmapped, high spread, excessive risk, disabled provider, or invalid stop.
Audit logAccepted, rejected, reason, local ticket, account state, and settings version.

Failure-mode lab

Paid courses often sell confidence. A serious course teaches you how the idea breaks. Before continuing, test the failure modes below on demo, paper, or code review. If you cannot describe the failure, you are not ready to trust the concept.

  • Copying volume instead of risk.
  • Assuming provider and receiver brokers use identical symbols and contract sizes.
  • Not storing processed event ids, causing duplicate orders.
  • Sending passwords or private account data through copier infrastructure.

Evidence pack and pass standard

Do not mark this lesson complete because you read it. Mark it complete only when you can show the evidence below. Keep the files in a dated folder so your learning history survives platform updates, memory gaps, and sales pressure.

  • A one-page note explaining mql5 file sandbox and the common-folder copier lab without sales language or copied definitions.
  • A screenshot, export, calculation, log, or code file that proves the practical work was completed on demo.
  • A written stop rule that says when this topic must not be used with real money.
  • A documented event schema with examples of accepted and rejected events.
  • A receiver risk table showing how copied size changes across follower account balances.

Assessment rubric

LevelWhat it looks like
Not readyYou can repeat the vocabulary but cannot complete the demo task, calculate the risk, explain the failure mode, or show evidence.
Course passYou can complete the practical task on demo, explain the decision rules, show evidence, and name the conditions where the idea must not be used.
Strong passYou can teach the concept to someone else, find edge cases, document a rejected example, and improve the template without weakening risk controls.

Advanced homework

  • Create five bad provider events and prove your receiver design rejects each one.
  • Write a symbol mapping table for two brokers with suffix differences.
  • Design an observe-only mode that logs decisions without trading.

Practical drill

Do this lesson as a controlled exercise, not as a reason to trade live. Open a demo account or notebook, write the lesson title, and record what you changed, clicked, calculated, or checked. If the lesson includes code, compile it only in a demo environment and keep the original version unchanged so you can compare edits safely.

  • Write a one-paragraph explanation of mql5 file sandbox and the common-folder copier lab in your own words.
  • Take one screenshot or note that proves you completed the platform, maths, research, or code task.
  • Record one risk rule that would stop you from using this idea with real money.
  • If anything feels unclear, repeat the lesson before moving to the next module.

How scammers misuse this topic

Scammers often take real concepts and wrap them in urgency. They may use platform jargon, bot screenshots, copied profit charts, or official-sounding language to make a paid offer feel safe. A real concept is not the same as a safe offer. Before paying anyone, ask whether you can verify the provider, reproduce the calculation, test the claim on demo, understand the risk, and walk away without pressure.

Checkpoint before continuing

  • You can explain why the file sandbox exists.
  • Your copier design has an observe-only mode.
  • Your receiver validates events before placing any demo order.

Official references

These lessons are written as free education. When platform features or rules matter, verify against the official source before using real money.

Risk note: leveraged forex and contracts for difference can lose money quickly. EarnSouthAfrica is an educational publisher, not a broker, adviser, signal provider, or money manager.

Previous: Monte Carlo thinking, drawdown, and risk-of-ruin checksNext: Provider EA with OnTradeTransaction

Keep exploring

Read the latest guides, take the side-hustle quiz, or contact the editorial desk if you spot a correction.

Latest articlesTake the quizContact editorial desk