Using a web server to hold details of players
Author
I'm making a 2d multiplayer game and I'm wondering would it be viable to save the data of the players i.e kills, weapons purchased etc. to a web server which the game client would log in to to get the details?
"Web server" is a somewhat broad term. It merely implies that there's a socket that can respond to HTTP requests.
It depends on back-end. A simple static HTML server can't do that.
It's somewhat trivial to achieve this via one of many web application frameworks (I don't know framework-du-jour for this), PHP seems to do the job just fine.
The core you need is session management for user account tracking, and HTTP POST functionality. Servers then handle this data and store, in a file or in a database.
It depends on back-end. A simple static HTML server can't do that.
It's somewhat trivial to achieve this via one of many web application frameworks (I don't know framework-du-jour for this), PHP seems to do the job just fine.
The core you need is session management for user account tracking, and HTTP POST functionality. Servers then handle this data and store, in a file or in a database.
Just make sure you realize that, if it matters to the user, the user will probably figure out how you encode the requests, and post fake results (kills, wins, stats, etc).
Author
thanks for the answer Antheus.
HPlus, if a guy cares enough about a small game to hack it, I must have done something right:). But good point, good encryption should help slow down the speed at which it is hacked
HPlus, if a guy cares enough about a small game to hack it, I must have done something right:). But good point, good encryption should help slow down the speed at which it is hacked
Not as much as you'd think. Yes, if it's not obvious from sniffing the HTTP traffic how to formulate your own requests, you've achieved a little bit of security through obscurity (and make sure that, regardless, replay attacks don't work).
The fundamental problem with trusting the client to save things directly to a server, which I think is what you're suggesting, is that no matter how you "encrypt" (be careful with that word!) what's going over the wire, the user can look at exactly what your program is doing to *generate* those messages.
Kevin
Solid Stage, LLC
The fundamental problem with trusting the client to save things directly to a server, which I think is what you're suggesting, is that no matter how you "encrypt" (be careful with that word!) what's going over the wire, the user can look at exactly what your program is doing to *generate* those messages.
Kevin
Solid Stage, LLC
for my 3D engine (jolt-3d.sf.net) im using always MySQL.
The developer has to setup the server in a world-viewed PC (just execution of a single file with 1,2 additional permission sql calls), while clients (your players) will just use the mysql api (libmysql.dll) to perform queries to that server from anywhere. You need ofcourse #include the mysql api in your program, & ship the libmysql.dll with your program.
Im using this & not winsock or such ways because its much easier, mysql is a known system, you dont need tons of programming preparation/or installations etc.etc. and you can (actually, your clients) save/delete/update whatever infos you want them to do.
The developer has to setup the server in a world-viewed PC (just execution of a single file with 1,2 additional permission sql calls), while clients (your players) will just use the mysql api (libmysql.dll) to perform queries to that server from anywhere. You need ofcourse #include the mysql api in your program, & ship the libmysql.dll with your program.
Im using this & not winsock or such ways because its much easier, mysql is a known system, you dont need tons of programming preparation/or installations etc.etc. and you can (actually, your clients) save/delete/update whatever infos you want them to do.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
