Record the input for the game and transfer it to the server, then simply "play back" the winner to see if they earned it. I've done it, although not for a high scoreboard, and as long as you don't use Math.random() it works fine. If you need a random number generator you'd have to write your own and transfer the seed as well.
It's not the easy solution though, that's for sure. On 12/28/06, Ron Wheeler <[EMAIL PROTECTED]> wrote:
I still think that more server side logging will stop hackers more effectively than any thing you can do on the client side if you are going to have to give them the client code. Some server side logic will add to the difficulty without increasing your code very much. A small script that takes the game state and return you a token that has to be returned with the next transaction lets you track time or plausible state sequences will be hard to beat without actually playing the game AND getting a high score AND tapping the TCP/IP traffic. If you let them continue to play after you have found them cheating, that will also slow them down. Ron Steve Mathews wrote: > Everyone always underestimates hackers. Everything is hackable, it is > just a matter of time. > > That isn't to say don't bother. You just have to find the right > balance of time and effort vs. security. > > On 12/28/06, JulianG <[EMAIL PROTECTED]> wrote: >> I agree. >> Perhaps it's a good thing that once the game is launched the contest for >> the prize won't last too long. >> So that might reduce the amount of hackers that eventually notice the >> game. >> I hope I'm not under estimating hackers, I guess they could crack the >> game in a few hours anyway. >> >> Thanks for your help! >> JulianG >> >> >> Danny Kodicek wrote: >> > Be aware that once you're allowing for hackers getting into your >> game, just >> > hacking into the server communication is not your only problem: >> they may >> > find ways to cheat the game without touching that code. As a simple >> example: >> > suppose you have a space invaders game with a function >> 'destroyShip', if >> > they invoke this function they might be able to increase the score >> > 'legitimately'. Look into the history of MMORPGs to see the number of >> > ingenious methods hackers have found to cheat their way in (my >> favourite is >> > the story of the rogue carpenters who held characters to ransom by >> building >> > wardrobes around them) >> > >> > Danny >> > >> > ______________________________________________ >> _______________________________________________ >> Flashcoders@chattyfig.figleaf.com >> To change your subscription options or search the archive: >> http://chattyfig.figleaf.com/mailman/listinfo/flashcoders >> >> Brought to you by Fig Leaf Software >> Premier Authorized Adobe Consulting and Training >> http://www.figleaf.com >> http://training.figleaf.com >> > _______________________________________________ > Flashcoders@chattyfig.figleaf.com > To change your subscription options or search the archive: > http://chattyfig.figleaf.com/mailman/listinfo/flashcoders > > Brought to you by Fig Leaf Software > Premier Authorized Adobe Consulting and Training > http://www.figleaf.com > http://training.figleaf.com > > _______________________________________________ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com
_______________________________________________ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com
