Jump to content
  • Advertisement
Sign in to follow this  
Oogst

Online highscores

This topic is 3066 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

For the racing game Proun that I am working on, I would like to store the best track times online and show those in the game. So basically I want online highscores/leaderboards. So my question is: what is the easiest/fastest/safest way to implement this? I am hoping there is some free library than can handle this, since it seems a waste of time to implement this myself with sockets and a database and such, while this functionality is not really game specific. So, is there some library that can handle this? Maybe even an online service so that I don't have to run my own server for this? I usually do console programming and at least on some consoles these things are provided securely by the console manufacturers, but I don't know if anything like that exists on PC. If such a library does not exist, then is there some modifiable example code somewhere that does these things? Also, how difficult is it to get a reasonable sense of security here? I don't expect to beat of any really good hackers, but I guess some sense of security for the highscores should be achievable? I looked through the websites of the networking libraries list in the FAQ, but none of them seem to be both free and supply this specific feature. Thanks in advance! :)

Share this post


Link to post
Share on other sites
Advertisement
There is Gamespy, but it's expensive and for pros with decent pockets, since they handle the servers and everything. There used to be Demonware (much better than Gamespy!) but they are now part of Activision's internal logistics.

There is also Valve Steamworks, but I don't know how accessible they are for the indie. They say free but I doubt it if you require leaderboard management and server support (do they even do leaderboards and stats?).

For XBox, there is XBox-Live and Games For Windows-Live of course, again you need to be a registered developer with Microsoft and so on.

I'm not really aware of alternative libraries and back-end services support for small developpers otherwise.

Share this post


Link to post
Share on other sites
Well, I don't have any budget, so Gamespy seems to be out of the question then. I did contact them, though, to see how their licensing works and what things would cost.

Since my game Proun is going to be released for free, I don't think Steamworks is an option either. Steamworks is for free and usuable even for game-versions that are sold outside Steam, but I doubt it is useable for games that are not sold on Steam at all. Also, I don't see any options for highscores in their feature overview.

If I can get access to a server somewhere myself, is there some library that lets me handle this whole thing easily and securely? That would mean both a server app that stores the highscores and a client lib that I can call from C++ to communicate with that server. Is there a lib that does that? Or rather complete example code that I can copy and use?

Share this post


Link to post
Share on other sites
It's very hard to implement a high score board that's difficult to hack. If your game develops any kind of interest, someone will probably try to hack it. A score board is apparently like candy to hackers.

There are two main ways a hacker will typically try to hack the high score. If you can defeat both of them, most hackers will give up at that point.

The first is to intercept a high score submission and modify it on the way to the server. Whether you use raw sockets or something higher level like http, the user will be able to examine traffic from the client to the server. If he sees something like "highscore=9355", he'll try to modify it.

The second is to change the score in memory. Here the hacker ignores the traffic to the server and tries to change what the game thinks its own state is. The hacker fires up a tool that allows him to examine and modify his system's memory. He looks for something that's likely to be the address of the variable he cares about, then edits the value there.

Good luck!

Share this post


Link to post
Share on other sites
Is there any reason you couldn't sell the game for $5 on Steam, and also give it away for free, if "being sold on Steam" is a requirement to use Steamworks?

Share this post


Link to post
Share on other sites
why not store the highscores in a mysql database then have php or ASP gather the highscore an put them onto a website?

Share this post


Link to post
Share on other sites
Quote:
Original post by ARC inc
why not store the highscores in a mysql database then have php or ASP gather the highscore an put them onto a website?


Exactly!

You can even make it a bit easier and output the score to php, have php verify the score and write it to the database, then have PHP display it.

This was my easiest solution and yes it can still be hacked, but the hacker will be a registered user and easy to identify, hehehe.

Share this post


Link to post
Share on other sites
Awhile back, there was a user on this site who had a little service doing high score hosting. I dug up the link, but it looks like it's no longer alive.

I think it was essentially what Xyle and ARC inc described.

Share this post


Link to post
Share on other sites
I expected php+SQL was going to be the easiest way if I had to do this myself, but I would still have to write the PHP scripts, message sending and security for that. I was hoping there would be some library or example code that would do all that and that I can simply plug-in, since this is such generic code. Especially because of the security thing.

Quote:
Original post by hplus0603
Is there any reason you couldn't sell the game for $5 on Steam, and also give it away for free, if "being sold on Steam" is a requirement to use Steamworks?

I don't know how far their system can be stretched, but as far as I know, Steamworks does not support highscore lists, so it wouldn't help anyway.

Share this post


Link to post
Share on other sites
An easy way to 'secure' high score submissions is to ship with a replay of the game with each highscore submission, obviously this only works if your game already has some way of storing replays. This way, if you suspect someone has cheated you can just check out the replay for that highscore.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

Participate in the game development conversation and more when you create an account on GameDev.net!

Sign me up!