Sign in to follow this  
topherr

Question about Security

Recommended Posts

I have an idea to reduce strain on the server when you are running a MMORPG. What I am hoping is that someone can give me an idea as to whether or not this is a feasible idea. Ok, my idea is to save maps, items, and npcs, etc. databases client-side and have the client download the newest versions of updated databases when necessary. To avoid someone tampering with the databases, I was thinking of having the server save the date and time of the last change for the databases for each account and have the client send it's last save time to be checked by the server. If they match then the client would be allowed to proceed, else the database would have to be re-downloaded. I think this would be an interesting idea to implement because it will make loading up many things quicker because they don't have to be sent by the server, plus it reduces the strain on the server because it doesn't have to send all that information, thus making the overall game faster. What does everybody thing? Is this a feasible idea or not?

Share this post


Link to post
Share on other sites
Quote:
Is this a feasible idea or not?


Yes, it's how every MMO out there does it.

The trick is, rather than relying on dates or other data provided by the client, all actions that player performs are executed on the server.

This way it doesn't matter if player completely corrupts their copy of the database - actions are always validated on the server.

Note that many things exist on server only, and as such cannot be transferred to client. This is where difference between static and dynamic world objects comes from. Static ones are those that are assumed to exist. Certain buildings, certain actors, almost exclusively only minimally interactive ones. They are usually limited in interactivity, usually they just sit there, and spam some text, or move around on some predefined path.

The dynamic ones however are the interactive ones, and they are usually spawned by the server during run-time.

The problem with static objects is administration. In order to change any aspect of them, even just move them by 1 cm, you need to create a new patch, and download it to clients. While this may seem a trivial thing, these things can take anywhere between days, up to several weeks of development cycle to produce (choose what goes in, implement, send to QA, send to internationalization team, send to admins, make build packages, prepare new distribution, test it, etc...)

Needless to say, things are mostly dynamically spawned, only the heavy data (graphics, sound, text, music) is stored on the client.

Worlds like Second Life for example have no static data. Everything, including textures, sounds, animations, physics is sent to the client in real time, and then merely cached.

Share this post


Link to post
Share on other sites
Thank you for your response.

This is my first mmo project I have so I really haven't studied every aspect of their development yet, and thus wasn't aware that most mmos in fact use this method.

I was, however, aware that all actions are validated on the server and that it doesn't matter if the player corrupts their database, I was simply thinking of the player there so they would always have the correct information.

I thank you for your insight into the matter, especially regarding the static and dynamic objects. This helps a lot.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this