open a secure C3 session

Post reply
0 favourites
  • 3 posts
From the Asset Store
Fantasy Open World RPG Music
$25 USD
10 Orchestral Soundtracks / ~2 mins each / 11 audio clips in total
Blackmid's avatar
Blackmid

  • Hello.

    I created a registration system for my mobile game on construct 3 with PHP (with PDO).

    except that I block on checking if the user session is open.

    to be able to redirect the user to the correct page of the application if the user is correctly connected.

    I of course had the idea to pass the session to AJAX as a parameter and have it checked if it was TRUE or FALSE.

    apart from that i noticed on the internet that a lot of people talk about security and that indeed anyone could modify the AJAX code and cheat the request.

    suddenly I wonder how to open a session on C3 secure?

    because on the internet many people are complaining about this problem but the answers are very vague and can be compressible.

  • Try Construct 3

    Develop games in your browser. Powerful, performant & highly capable.

    Try Now Construct 3 users don't see these ads

  • using SSL and session IDs secures the connection between the device and your server, but on the device the user can mess with the data because it is unencrypted in memory.

    there is no bullet-proof way to prevent people from cheating - you can only make it difficult. There are quite a few threads talking about various ways to discourage tampering if you search for them.

  • Session ID?

    you are talking about the ID field that can retrieve with session?

    so if I understood correctly with an SSL certificate my server is secure on this side.

    but for example the user on the client side can modify the AJAX code passing the response to TRUE and access the page without even being connected.

    so they could this logged in anonymously.

    how to counter that?

Post reply
  • 3 posts
Return to board index
Jump to:
Active Users
There are 1 visitors browsing this topic (0 users and 1 guests)