My question ISN'T 'how to make an online highscore'. This i know.
My question is: how to GUARANTEE that the score posted WAS REALLY posted by the game?
The best option (at least i think it is) is to send the score AND a checksum of this score, generated by sha1()+salt. I've requested the possibility to have sha1/md5 hashing methods on future versions of C2, and some1 answered me that there's already a plugin to do this (made by Kyatric). Ok, but the problem is that i can't upload a game to arcade using third-party plugins...
My concern is to some user just change the value sent (firebug, for example) and post a 99999999 score.