How do I lock my project?

Post reply
0 favourites
From the Asset Store
Archer Project
$10 USD
With this template you can create your own archer game and customize it however you want.
clarkvr's avatar
clarkvr

  • I have to send some game files to be tested on a server and I would like to know if there is a way to stop the opening of this game's page, using some system created on C3 that allows me to control this from my server, for example, something that checks if a file is located at a URL (on my server in this case), and if there is no such file the game will not start. It may be that or another possibility that is suggested. Thanks.

  • Try Construct 3

    Develop games in your browser. Powerful, performant & highly capable.

    Try Now Construct 3 users don't see these ads

  • something that checks if a file is located at a URL (on my server in this case)

    Yes, I think this is the right way to do it. But I suggest actually reading some useful data from that file. For example, contents of some important array, used in the game. This way it will be much harder or even impossible for someone to hack your game without that file.

  • I plan on using AJAX and requesting a text file, and when it is complete, read this file, and compare the text. Do you think that would not be enough? Is it possible for someone to know that the game is looking for this file and even identify it? I would like to use an undetectable process.

    EDITED: This is the code I intend to use:

    + System: On start of layout -> AJAX: Request "http://mydomain.com/file.txt" (tag "file") + AJAX: On "file" completed ----+ System: AJAX.LastData = "PASS" -----> System: Go to Layout1

    One more question: Can't security defense systems (their server firewall / cross-domain browser preventing / etc) prevent this access? If so, how to solve it?

  • I plan on using AJAX and requesting a text file, and when it is complete, read this file, and compare the text. Do you think that would not be enough?

    No, this will be quite easy to hack. Yes, it's possible to find in the source code what file you are requesting and what value you are comparing its contents to.

    So the most robust method is to read some actual data from the file, without which your game will not function properly. Like the inventory array, or some config values, or tilemap JSON etc. So even if hackers substitute or disable the file check, they will not be able to play the game without that data.

    Of course, if you are not worried about hackers and just want to be able to temporarily lock/unlock it on the server, then you can simply check if the file contains some password.

  • So the most robust method is to read some actual data from the file, without which your game will not function properly. Like the inventory array, or some config values, or tilemap JSON etc. So even if hackers substitute or disable the file check, they will not be able to play the game without that data.

    Do you have any example of this solution?

  • The tutorial Publishing to the web has some advice under the heading "Domain lock".

    I personally wouldn't bother going much further than that, unless you're willing to enter an on-going DRM arms race.

    I wouldn't actually go for the approach of AJAX requesting a file - if you want it to work in preview, you have to configure the AJAX response to work cross-domain, and if it works for any domain, the protection is no longer effective.

  • I wouldn't actually go for the approach of AJAX requesting a file - if you want it to work in preview, you have to configure the AJAX response to work cross-domain, and if it works for any domain, the protection is no longer effective.

    As in my case I have to send the files to the company to do tests on their server, the AJAX solution will not do because of the cross-domain problem. It would be great if there was a trial mode option, that I could configure, for example, that the game could be accessed for 10 days

  • Do you have any example of this solution?

    Are you using any arrays or dictionaries, do you have files imported to your project?

    If not, just think of something that is important in your game. For example, player position on start of the level. Or the number of enemies, or their LOS distance etc.

    Let's say your player position should be (200, 420). Create two variables PlayerStartX=9999 and PlayerStartY=9999. Set player position to (PlayerStartX, PlayerStartY) on start of layout.

    Put the correct values 200 and 420 into the file on your server. Request this file on start of the game, read values into PlayerStartX and PlayerStartY variables. If the file is genuine, your game will work correctly. If the file is not available, or if it contains wrong data, the player will spawn at (9999,9999) and your game will not work. It will look like a bug, and any potential hackers will have a hard time figuring out what's wrong.

  • It would be great if there was a trial mode option, that I could configure, for example, that the game could be accessed for 10 days

    You could create a version with a variable of the date on which you are going to export and deliver the test game.

    On your initial layout before the game loads, you could have a test that compares the current date with the date in the variable. If it is greater than 10 days have the browser object close the game.

    Not super advanced, and can be worked around but might do for your purpose.

  • Are you using any arrays or dictionaries, do you have files imported to your project?

    If not, just think of something that is important in your game. For example, player position on start of the level. Or the number of enemies, or their LOS distance etc.

    Let's say your player position should be (200, 420). Create two variables PlayerStartX=9999 and PlayerStartY=9999. Set player position to (PlayerStartX, PlayerStartY) on start of layout.

    Put the correct values 200 and 420 into the file on your server. Request this file on start of the game, read values into PlayerStartX and PlayerStartY variables. If the file is genuine, your game will work correctly. If the file is not available, or if it contains wrong data, the player will spawn at (9999,9999) and your game will not work. It will look like a bug, and any potential hackers will have a hard time figuring out what's wrong.

    This solution is really good, but the cross-domain problem makes this possibility unfeasible since the game files will be on another server and not on mine.

  • You could create a version with a variable of the date on which you are going to export and deliver the test game.

    On your initial layout before the game loads, you could have a test that compares the current date with the date in the variable. If it is greater than 10 days have the browser object close the game.

    Not super advanced, and can be worked around but might do for your purpose.

    But in this case, users would only need to change the date on their computer to access the game again, right?

  • You could request the date from a server. It would require the user to be online though.

  • You could request the date from a server. It would require the user to be online though.

    But I think that then I would have the same problem accessing this information as I would have to access the file on another server because of the problem with cross-domain, isn't it?

    EDITED: This would work if I checked the date on the server where the files are hosted. It is possible? If so, would I have to use a plugin for that?

  • Again, hosting important project data in a file you AJAX request is not effective. If someone copies your entire project, they will also copy the files that are AJAX requested, and everything will still work.

    I'd advise just to use the domain lock approach described in the tutorial I linked to previously. If you use AJAX, it's entirely possible you could come up with a very complicated scheme that offers no protection against copying whatsoever.

  • I'd advise just to use the domain lock approach described in the tutorial I linked to previously.

    The problem is that the files will be sent to the client to test on their server.

Post reply
Return to board index
Jump to:
Active Users
There are 1 visitors browsing this topic (0 users and 1 guests)