How do I keep data from player, online ?

Get help using Construct 2

Post » Fri Dec 23, 2011 5:56 pm

Hi,

It may be a stupid question, but I was wondering what are the solution for keeping data online, beside a SQL database ?

And, that can be used with Construct2, of course !


Thx
B
12
S
2
G
5
Posts: 73
Reputation: 3,570

Post » Fri Dec 23, 2011 6:58 pm

Check this 3rd party plugin out,



It allows scoreboards, Tracks play data, ect.
B
29
S
12
G
7
Posts: 740
Reputation: 7,839

Post » Fri Dec 23, 2011 7:58 pm

Wich one ?   

B
12
S
2
G
5
Posts: 73
Reputation: 3,570

Post » Fri Dec 23, 2011 8:21 pm

Sorry, I posted a link. But it didn't Show:

Download it from this link: http://www.funstormgames.com/blog/playtomic-for-construct-2-plugin/,

Take a look at the example aswell :)
B
29
S
12
G
7
Posts: 740
Reputation: 7,839

Post » Sat Dec 24, 2011 7:30 am

I don't understand you when you say "beside an sql database." But no matter which database you are using, the basis to to establish a connection and communicate with server. Construct 2 has an AJAX function which allows you to send ajax requests to server. You can send "GET" requests using this (I think there is also a plugin that allows for POST requests, look for it in the forums). In essence, you could store data in a GET request, send it to server through AJAX, and store that in database using php. All of which requires a fair amount of programming. The security of this whole setup is questionable :P
I recommend taking a look at the AJAX tutorial in the AJAX section and taking at look at this: http://www.scirra.com/forum/my-ajax-tests_topic45290.html?KW=
and this: http://www.scirra.com/forum/topic45040.html
everythings pretty murky right now, as Construct 2 does not have a "built in" function for doing this, really
P.S. playtomic looks really interesting
B
29
S
5
G
6
Posts: 58
Reputation: 5,121

Post » Sat Dec 24, 2011 11:54 am

Databases aren't the only way. PHP knows how to write in files for instance.
Long a go I wrote a website on a server which ran PHP but no database (it was a free host). So I had to come up with my own system.
Files work, but yeah... If you know the path of the files you can read them. Hmm unless you write outside of the root folder of your website... I didn't have such right.
B
60
S
22
G
14
Posts: 1,479
Reputation: 16,346

Post » Sat Dec 24, 2011 4:04 pm

I know already about the sql and Ajax, I already used it on that game : Christmas Rush

I was just wondering if there was another choice.
Since i'm not a real programmer...

Thx Yann for the answer. So files writing, but it's seems to be even less secure than the Ajax solution ?
B
12
S
2
G
5
Posts: 73
Reputation: 3,570

Post » Sun Dec 25, 2011 10:43 am

@guicole: the file is written on the server end.
This is secure. The lack of security might come from the method you interface, and allow user to call through an ajax call.

Consider the server and your game as two different applications on two different computers (even if you're running the server locally). The server runs PHP scripts (for example) and can receive ajax calls (call to an url that will execute the designed script).
The file/database is on your server's computer. One can only access the file if he accesses the server physicaly or use a script that acts on the file. (ex: http://myurl.some/thisisascript.php?player=nick&score=10000 => writes in the file "player - 10000" because this is what thisisascript.php is written to do)

As said earlier, it all depends on the way your script is made.
The current example would allow anyone with a browser to try to reach http://myurl.some/thisisascript.php and write in the file a false nick/score if there isn't any checking applied on the values before "saving" them/writing them to the file.

I hope I'm making sense. ^^Kyatric2011-12-25 10:44:25
New to Construct ? Where to start

Image Image
Image Image

Please attach a capx to any help request or bug report !
Moderator
B
247
S
85
G
40
Posts: 6,999
Reputation: 57,793

Post » Sun Dec 25, 2011 9:52 pm

Yeah basically, something secure should check if :
- the game sent your score (and not by any other way)
- you already sent your score (avoid flood)

Because even I can code an evil application that will call "http://myurl.som/myscoringscript.php?user=plop&score=999999999" a thousand time :D

The question is, how to be sure that it is your game that sent the values. And not an evil application or just a user entering the url in his web browser?

Maybe you could generate a shared value between your server and the game like a random sessionID inside the game itself.
But I think even that can be hacked looking at javascript values...
So yeah, no real good solution yet.
B
60
S
22
G
14
Posts: 1,479
Reputation: 16,346


Return to How do I....?

Who is online

Users browsing this forum: Google [Bot], Timedoor Indones and 26 guests