> Credits should be downloaded from the internet and then the user can play > offline as long as he has enough "credit". If he has no more, he has to > connect to the internet again and download / buy more. > > So my question is, what's the best way of programming this activation > process with the maximum of security. > For example what if after downloading credits the user makes an image disk > of his computer, and reinstall it whenever the credits are empty ?
You could store the credits server side rather than "downloading" them. Each time a user played the game a credit can be deducted from the user's online account via a script call. That way even if they wiped their hard drive and started again you have a record of how many credits they have remaining (but it would require internet access each time the game was played - I don't know if that's an issue). Whatever solution you come up with would be open to abuse though given the nature of Flash. For example, with the suggestion above a user could decompile the game, hard-coding the expected response from the server and publish it again to get unlimited credits (obfuscating your code would make the process more difficult but not impossible). Tim _______________________________________________ [email protected] To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com
