Turnkey Lamp and PHP

0 favourites
  • 5 posts
From the Asset Store
Paypal PHP Supports multiple platforms, Web/html5 Android, IOS. (Including storing transaction data)
  • Hi all,

    I work with a bunch of programmers who are very resistant to Construct2. My background is in animation and games design and i love C2. But because of this resistance its like wading through mud to get them to deliver on LAMP's or Moodles that will talk to C2. I understand that I can use ajax to send requests to PHP but I haven't been able to achieve this smoothly on my own. I would love some help! I have been downloading turnkey lamps from here and running them in VM' but I don't know enough about PHP to deliver the goods.

    What I want.

    I want a turnkey solution that allows me to post

    1. User names

    2. User emails

    3. Final Scores and then leader board results.

    4. All this stored in a database like MSQL.

    It would also be great if the solution could allow me to

    add other stuff on the fly also. So I guess I need someone to set

    up a back end that allows me to add PHP requests by just adding a

    variable call in the C2 program and the PHP.

    Can anybody help at all?



  • Why their resistance?

  • I have no idea why they are resistant other than that they say the code is human unreadable so they are concerned with the security. We found another way of doing things anyway. Cheers Wink I will have a good read here.

  • Try Construct 3

    Develop games in your browser. Powerful, performant & highly capable.

    Try Now Construct 3 users don't see these ads
  • I'd say the issue is that they are aware that the code is human-readable ergo anyone savvy would be able to tamper with and/or spoof the POST data.

    I personally would not send any critical data without first encrypting it. I've not been with C2 long enough to reach a stage where I've had to look at encryping data, I did notice in the plugin section there's an MD5 SHA-256 hash plugin. Worst case scenario is you use that to send some check data with each post using hidden data inside your game eg send the data "High Score = 10000 & Username = C2User" the conventional way but to prevent user from fiddling himself to top of high score table send the same data again bu append the hidden data eg the word "banana" and hash it.

    On the server end you receive the data but before you enter it on the db you again add the word banana and hash it on the server if both hashes match then insert data.

    It's much more complicated than this but unless there's cash or prizes or sensitive data at stake this sort of integrity should suffice assuming the key string is tucked away well enough as don't forget the savvy user could easily lay their hands on the entire source code from C2runtime.JS and even minified could probably work out what's what. Concantenated strings and on the fly variables such as date, user IP etc. make this job much more difficult for the spoofer.

Jump to:
Active Users
There are 1 visitors browsing this topic (0 users and 1 guests)