Sign in to follow this  

[web] Some questions on MySQL and Javascript

This topic is 4009 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

So I'm taking the plunge and finally getting ready to start my online project. However, I have some questions concerning certain parts, and this is the best place I could think of getting answers. Bear with me please. javascript - Is there a way to make this secure? As in, I want to keep the processing on the server side as low as possible. Is it possible for someone to fake the values or calculations in javascript if I were to have that do the work instead of the server scripting? That's really the largest worry I have when it comes to the game's stability. I wouldn't want people just being able to fabricate values to make the results more favorable. MySQL - I use 1&1 hosting, and while they give me 50 databases, each one is limited to 100MB each. I don't suppose there'd be a way around that, or a loophole of some kind eh? I'm eventually looking to go to route of AJAXing all of this, so I'm curious on which way would be lighter on server resources: On loading, load all player info into the browser, granted the javascript is secure enough to prevent someone from viewing or editing it, or retriving smaller queries when the information was needed. I'm mostly worrying about this kind of stuff since I have only a shared hosting plan with 1&1, so while I may have a terabyte of bandwidth from them, I don't know how much processing power I'm really allowed. Thanks for all the help.

Share this post


Link to post
Share on other sites
Quote:
Original post by Tsuki no Hikari
So I'm taking the plunge and finally getting ready to start my online project. However, I have some questions concerning certain parts, and this is the best place I could think of getting answers. Bear with me please.

javascript - Is there a way to make this secure? As in, I want to keep the processing on the server side as low as possible. Is it possible for someone to fake the values or calculations in javascript if I were to have that do the work instead of the server scripting? That's really the largest worry I have when it comes to the game's stability. I wouldn't want people just being able to fabricate values to make the results more favorable.

MySQL - I use 1&1 hosting, and while they give me 50 databases, each one is limited to 100MB each. I don't suppose there'd be a way around that, or a loophole of some kind eh?

I'm eventually looking to go to route of AJAXing all of this, so I'm curious on which way would be lighter on server resources: On loading, load all player info into the browser, granted the javascript is secure enough to prevent someone from viewing or editing it, or retriving smaller queries when the information was needed. I'm mostly worrying about this kind of stuff since I have only a shared hosting plan with 1&1, so while I may have a terabyte of bandwidth from them, I don't know how much processing power I'm really allowed.

Thanks for all the help.


javascript is not secure at all, all calculations has to be done on the server.

Share this post


Link to post
Share on other sites
Quote:
Original post by SimonForsman
javascript is not secure at all, all calculations has to be done on the server.


Yup. And any calculations you *do* perform on the client side (e.g. form validation, user feedback) you have to do them *again* on the server. Especially for games, assume anything the clients send has been tampered with.

Share this post


Link to post
Share on other sites
Use MySQL for storing data, and something like PHP for calculations. Don't put any temporary values in your database. For eg. if you have 2 fields 'a' and 'b' and a third field 'c' that will always be equal to 'a+b', then dont keep that field in your database. Better calculate it each time a user plays the game rather than increase the size of the database with unnecessary information.

Note: This is considering you have a larger bandwidth and a stricter limit on storage space... if it is the other way around, ignore my advice.

Share this post


Link to post
Share on other sites
How processor intensive do you think this online project of yours will be? Is it a real time game? Text based? Turn based? You can usually get away with processing all text/turn based games server side. You just have to code everything efficiently. Make sure you index your tables properly, try not to have any nested loops, keep the math as simple as possible.... stuff like that.

At any rate, if you can provide more details about your 'project', it would help us in giving better advice as to what to use.

Share this post


Link to post
Share on other sites
It'll be a turn based type of game, moreso waiting for the player to act, so it depends on the player when anything will be accessed. It'll be a static screen showing either the player's options or assets, and only when the player clicked through something would it go and access the database. I'm hoping to do it with AJAX eventually to make loading easier, but depending on the player, it could range from a lot of database activity or not much at all.

I've been currently writing up a general description of the whole game for the people that had interest in it. Maybe this could help better describe what I'm trying to do.
Here

Share this post


Link to post
Share on other sites
I wouldn't worry about a 100Mb database quota - if your game gets that big you'll need dedicated hosting anyway probably.

Develop it in the most structured / easiest way possible, ignore limitations imposed by the host. Developer time is MUCH more expensive than hosting.

Absolutely all game calculations should be done on the server side, not in javascript on the client. This should not be a problem however.

If you're going to make it tick-based (vs turn based), that would be more suitable for a web game, e.g. ticks happen at a fixed rate (one per hour or day), and players log on to see what's happened and command stuff for subsequent ticks.

Server-push can't be done in a nice way with a conventional hosting platform / language / browser- which means a turn-based game where players wait for the others is pretty tricky and/or has overhead.

Mark

Share this post


Link to post
Share on other sites
If you're looking for an example game of the type you're describing, Black Nova Traders is written in php, and it's open source and free. You can find it with a search. It's ancient, so I'm not sure how much help it will be.

Share this post


Link to post
Share on other sites

This topic is 4009 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this