Turnkey Lamp and PHP

Discuss game development design and post your game ideas

Post » Thu Mar 28, 2013 11:35 pm

Hi all,

I work with a bunch of programmers who are very resistant to Construct2. My background is in animation and games design and i love C2. But because of this resistance its like wading through mud to get them to deliver on LAMP's or Moodles that will talk to C2. I understand that I can use ajax to send requests to PHP but I haven't been able to achieve this smoothly on my own. I would love some help! I have been downloading turnkey lamps from here and running them in VM' but I don't know enough about PHP to deliver the goods.

What I want.

I want a turnkey solution that allows me to post
1. User names
2. User emails
3. Final Scores and then leader board results.
4. All this stored in a database like MSQL.

It would also be great if the solution could allow me to
add other stuff on the fly also. So I guess I need someone to set
up a back end that allows me to add PHP requests by just adding a
variable call in the C2 program and the PHP.

Can anybody help at all?

Cheers
Luke
B
10
S
2
Posts: 50
Reputation: 1,100

Post » Sat Mar 30, 2013 12:32 am

Why their resistance?
B
18
S
5
G
4
Posts: 568
Reputation: 5,079

Post » Sat Mar 30, 2013 9:15 pm

B
50
S
11
G
8
Posts: 479
Reputation: 9,911

Post » Mon Feb 17, 2014 11:09 pm

I have no idea why they are resistant other than that they say the code is human unreadable so they are concerned with the security. We found another way of doing things anyway. Cheers Wink I will have a good read here.
B
10
S
2
Posts: 50
Reputation: 1,100

Post » Mon Feb 17, 2014 11:40 pm

I'd say the issue is that they are aware that the code is human-readable ergo anyone savvy would be able to tamper with and/or spoof the POST data.

I personally would not send any critical data without first encrypting it. I've not been with C2 long enough to reach a stage where I've had to look at encryping data, I did notice in the plugin section there's an MD5 SHA-256 hash plugin. Worst case scenario is you use that to send some check data with each post using hidden data inside your game eg send the data "High Score = 10000 & Username = C2User" the conventional way but to prevent user from fiddling himself to top of high score table send the same data again bu append the hidden data eg the word "banana" and hash it.

On the server end you receive the data but before you enter it on the db you again add the word banana and hash it on the server if both hashes match then insert data.

It's much more complicated than this but unless there's cash or prizes or sensitive data at stake this sort of integrity should suffice assuming the key string is tucked away well enough as don't forget the savvy user could easily lay their hands on the entire source code from C2runtime.JS and even minified could probably work out what's what. Concantenated strings and on the fly variables such as date, user IP etc. make this job much more difficult for the spoofer.
There are 10 types of people in the World, those that understand binary and those who don't.
B
7
S
2
Posts: 93
Reputation: 797


Return to Game Development, Design & Ideas

Who is online

Users browsing this forum: No registered users and 0 guests