NW webstorage questions.

If someone cleans their cookies will it delete saved data? And how easy are they to hack?

No. Very easy.

The NW local storage is separate from your browser's local storage. It's a sqlite database file. You can easily edit any of the values with something like: http://sqlitebrowser.org/

If someone cleans their cookies will it delete saved data? And how easy are they to hack?

the last time I tried, if you clean all of the cache of your browser, the savegame will be deleted...

about the hack, I belive you can encrypt the value....

I'm really hoping we get support for google saved games at some point; it would be crazy awesome to have a reliable, device-agnostic, cloud based solution with tons of hack-proof storage.

https://developers.google.com/games/ser ... savedgames

http://android-developers.blogspot.com/ ... cloud.html

TiAm - agreed - that would be awesome! Thanks for the info everyone. Ribis - how would you go about encrypting the values?

No save system is hack-proof, because if the game can read the save, then so can someone else (in theory).

NW.js storage is entirely separate from the browser. Clearing cookies/offline data/uninstalling any other browser on the system has no effect on NW.js' own storage.

btw: It seems WebStorage is reset everytime you update your app on Windows (Phone) Store.

So its not possible to use it for savegame data. I have to try the Win8 Plugin Roming data and if Save/Load works on Win8.

Ashley - thanks for the info. Bl4ckSh33p - after you try it, please share if that works.

Bl4ckSh33p

Can you give a procedure sample of what your doing to causes the data clearance with Windows Phone store. I get a data clear wipe every time I upload a package through the developers tools. However if this is through store downloading, this is concerning.

TiAm - agreed - that would be awesome! Thanks for the info everyone. Ribis - how would you go about encrypting the values?

There are two plugin for that... you select a key, and from this, you can encrypt the value when you will save a string...when construct2 will try to open the new string, the plugin convert the string in a correct value (with a correct key),

this is an example, I try to find the plugin, when I get home I will link the plugin

anyway, you can try to save the data in different way, I mean, if you need to store some coins, like 50, you can save like this:

"23y9812yu3982u" this is to get confused, just random string "50" real value "u23u2undu" a new random string"25" check if they hack the coin "u3342uy2382938" random string

without encrypt, you can make your own secure script... can be difficult, but can get harder to hack a single value...

50 is the real coin, construct count just the 50, if they hack it, a function check if a coin/2 is = to 25 o close to it... so, they need to hack 2 value, but the original string will be:

23y9812yu3982u50u23u2undu25u3342uy2382938

construct2 will count the "u" tokenat, you now where the 50 and 25 are, for example

and if you store like 5 variable, you will get a long string... and you can mix it... but there is a plugin to encrypt, so, this is just for fun

Ribis - Thank you. I look forward to checking the plugin out!

Thank you. I look forward to checking the plugin out!

this plugin made by rexrainbow works perfect:

https://www.scirra.com/forum/viewtopic.php?f=183&t=110919&p=810981&hilit=XOR#p810981

Here the plugin, I made a simple example: https://www.umbriadesign.it/decrypt.capx

I never use this plugin(I will use it), but I think, the best method will be like:

the user register a new account, in the php file, one function insert a key for that user, so, every user has different key, just look at the example..

anyway, this is very good to prevent easy hack from the SESSION value or webstorage