Hi folks,
my flow :
--CLIENT--
this.addEvent('load', this.start);
if no session we start the core with a random name
else we restore all datas (sessid gamedatas) and the currentPipe
this.addEvent('ready', this.createTourney);
if no gamename exists we promt a login with
name and password , this i send to the server with the
session id .
{'SessionID':thisgetSessidvalue, ,'name':loginname,'pass':loginpass}
--SERVER--
Ape.registerCmd('getInfo', true, function(params, cmd)
on the server i use a
SELECT to the users database and
if success i
UPDATE the userentry with the actual SessionID and
save the sessid in
cmd.user.mysessionid
after this i send it to client
cmd.sendResponse('LoginResult',
{'name':sqlres.gamename,'level':sqlres.level );
--CLIENT--
this.onRaw('LoginResult', this.rawDataLogin);
if (Gameuser) set the this.core.setSession({'sessionid':sesid});
if (Gameguest) set Gamedata for Guest
save Gamedata in client.user
for now i am happy with it ,
on the server side i have a sessionid to know the user
on the client side the same .
my question about this is :
i do not use the core.start(name:myname) to identify ,
cause i need to talk to the server already for the mysql check
i want a APE Mysql login . And the start name is be blocked for
45seconds if relogin (cookie delete) happens.
so is there a more easy way to do this ?
(that people dont steal a username or cheat it or have problem with
"name already in use" )
i dont want to use a php build script for this , and i realy dont know
how secure APE is,
Am i right to use my own layer to check the user is loged ?
--
i cant trust, what i not know
--
You received this message because you are subscribed to the Google
Groups "APE Project" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/ape-project?hl=en
---
APE Project (Ajax Push Engine)
Official website : http://www.ape-project.org/
Git Hub : http://github.com/APE-Project/
