I'm using mySQL as the engine for my web site - it keeps user
preferences as well as conducts the searches for matches. So I'm
thinking...
Add a "bananas" column to a user's profile - either a list of who
they've awarded bananas to or who has awarded them bananas, still
undecided....
Then, when a player joins, read that list into its properties and when
an "Award a Banana" message comes to the server, filter it out if the
awardee has already gotten a banana from the sender. Sending back a
message of "You already gave them a banana"
It then becomes a question of the speed of "instr" or "StrComp" and of
course, executing the initial SQL query?
is there a faster way, perhaps?
On Dec 31, 2004, at 2:05 PM, LMSpam at neuropop dot com wrote:
My server is an RB app using a ServerSocket as the way in... If I
recall, ServerSocket can't listen in SSL mode...?
Never used rotating keys... Would the theory be to use the session ID
as an encryption key? I'm already compressing the data, so that
wouldn't be a stretch to add.
I'll rethink where I'm at over the weekend and move more logic to the
server. At least at this stage it seems the only issue regarding
cheaters would be the banana awards, and those are very small
routines, so filtering that from the server-side shouldn't be a
problem. I've also been using Joe's Renegades code as my base engine,
so changing stuff (which I do often) is proving relatively painless
On Dec 31, 2004, at 2:40 PM, Phil Mobley wrote:
On Dec 31, 2004, at 10:07 AM, LMSpam at neuropop dot com wrote:
Anyway...... shooting people is really for fun rather than points.
OK. I had a thought... you can have people shoot rubber-bands and
throw paper airplanes at each other (of course the paper airplanes
would have random flight paths).
however, I *can* see that if I implement a ratings program where you
can award people, songs, or artists banana points, gaming and
hacking the protocol could become an issue...
With MMORPG games, a person could build up their character very fast
by cheating like this. Since they can do what ever they want without
consequences, they usually start attacking other players. And since
the other players worked hard to get where they are, they get very
upset when a cheater comes along.
If players can get ahead in your game by cheating, then you might
want to consider what I wrote before.
The site has an "ignore this user" feature which should be easily
ported, and I also have a "cookie"-like security system, so each
time you log in the server sends back a session ID. Then *every*
time you issue a command you have to send this session ID along with
your log-in email address to verify who you are.
You don't need to do this.
That is a lot of data being transmitted back and forth. You only
really need the session ID to identify the sender. But I would use
the SSLSocket (if you have the Pro version of RB) to automatically
encrypt your data. If you don't, then you can use a rotating key
encryption system.
So in theory, the only people on the system would be logged in,
registered users, and so by extension, they should be easily smacked
down (so long as others reported any abuse...), right???
Sure, but it is better to avoid the situation before it becomes a
problem. But encrypting the network data would also prevent a lot of
cheaters.
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>
Search the archives of this list here:
<http://support.realsoftware.com/listarchives/lists.html>
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>
Search the archives of this list here:
<http://support.realsoftware.com/listarchives/lists.html>
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>
Search the archives of this list here:
<http://support.realsoftware.com/listarchives/lists.html>
|