Hello, I wonder how I should deal with sharing code between server and client. There are a lots of components (singleton, factories, different other patterns, priority queue, special property class etc) that can be shared amongst the two. However that seems to expose quite some security risk. Once somebody found a way to hack its own client's code, the same attack could be played on the server. What to do in this situation? -Matthias

It's not a security risk at all if you validate the data when it reaches the server. Always assume someone will work out the format of whatever data is being sent, and they don't always do this from the code anyway.

The moderator's right. As long as you don't trust anything the client says, there's no risk (exceptin' the normal risks you always get with server/client communications of any sort). Don't let the client report where he is, make him report what he'd like to do (Client say "I'm moving forwards, and I'm holding the fire lasers key"). The server, in turn, says "Ok".

Also, if your game is going to be a fairly small release, you may consider not worrying about cheaters. It takes a lot of effort to set up a game for cheating, and for a small indie game, why would they bother, and what would it cost you? Still, if you want to do it the "right way," then yeah, don't trust anything the client says.