StarFlight's Forum Posts

  • 9 posts

  • Hi,

    Have anyone already used chilly framework Real-time Multiplayer Engine on server side and C2 as client?. I take a quick look, it looks powerful enough to use it to implement multiplayer games.

    chillyframework.com

    The good thing it's open source!

  • Try Construct 3

    Develop games in your browser. Powerful, performant & highly capable.

    Try Now Construct 3 users don't see these ads

  • Have you seen this one yet?

    Randomized an array for a deck of cards

    Nope, thx. I'll check it out.

    So busy with upgrading my current side project to html5 that I've have not had much time to play with Construct 2 yet.

    Originally, I wanted to use Construct2 for my online game currently hosted here as a test site only. So, I'm looking more infos so I can start playing with it.

    If you are interested to see the card game in pure html5, the demo url is here: xtrasocial.org/forums

    You'll need to sign up a test account and make at least 1 post so you can play texas holdem at xtrasocial.org/holdem.

    SF

  • So no card game plugin in construct 2. Any plan to port the one from Construct classic to Construct 2?

    Is there any working game card written with Construct 2 yet that I can take a look?

    Thx!

  • So did you come up with anything good?

    In my side project, I have only one single huge JSON object with array of arrays of objects which I serialize it on server (java), since I know the internal data structure of the object, I can deserialize its fields into more meaningful js variables.

  • Last decent indie game I've enjoyed playing is an immersive brick-breaking game called Shatter.

    youtube.com/watch

  • Hi,

    I don't have much expertise on security but what I do agree that sending the password in clear text over the wire is too risky and not recommended. And if you even hash it, it does not shield you from hackers attacks since they don't even need the real password if they know the MD5 hash value that's being sent by sniffing the connection packets or airwaves and finding the hash.

    This also does not include the risk of session hijacking when one does not have SSL which protects against eves dropping, amongst other things.

    Interesting reading you can read to get more exposure on security.

    owasp.org/images/0/0f/OWASP_T10_-_2010_rc1.pdf

    There is some article which helps to deal with situation when you use JS and you don't have https. It requires hashing coupled with challenge key both on client and server. It helps to minimize the risks but not completely though.

    switchonthecode.com/tutorials/secure-authentication-without-ssl-using-javascript

    While it is widely used, it is not safe.

    marakana.com/blog/examples/php-implementing-secure-login-with-php-javascript-and-sessions-without-ssl.html

    I'm currently working of something which deals with security as the topic of this thread. Briefly, it deals with handling password through image recognition similarly done with some site to prevent bot but with a twist.

    Let me explain. Instead of entering password, user will be asked to click his password through randomly assigned position that visually he knows where to click to match his password. Bot can't do that and if the buffer happened to be defeated and sniffed, it can't be really used because of time token and session id associated with it will invalidate it. And more, the next time, this password is resent, it will be either expired or incorrect since it is going be changed again preventing from guessing it right each time. The reason for this is the challenge image is not the same for each time the login is invoked. Then, only and only the server knows and how to decrypt it to decode it and perform custom authentication to database. That's the idea.

    Hopefully, I can soon integrate that feature to the current game in progress!

    Cheers!

    SF

  • Thanks Kyatric!

    That's probably the missing part which I need to do if I want to use C2 to port my current texas hold'em game using HTML5 Websocket and Cubeia's poker for my own site.

    Here is my current work in progress but it's getting hard to maintain and time consuming. But it is working solid. So I was wondering if C2 will make less painful doing the front end.

    youtube.com/watch

    I'm playing more with C2 to see how it goes.

    SF

  • Thx for the quick reply!

    Cool, I've read quickly the websocket plugins and the ajax parts but I do have the following question.

    How do I sent a JSON object to the server and how I can parse it back from the client when the onMessage of websocket comes back? Any plug-in allows me to serialize/deserialize Json objects? Any code snippet so I can try it out?

    SF

  • Hi,

    I stumbled on C2 and I do have few technical questions to know whether or not I can use this tool:

    Does this tool allow me to retrieve external messages or responses from web server / socket server so I can rendering based on those events? If yes, any link so I can read more how this can be done.

    Or some plugin which allows me to talk to a socket server or websocket server which just simply forward responses or pushes messages and also allow me to send request to.

    How can I use JS variables so objects created with this tool react accordingly? Is this possible?

    Thanks!

    SF

  • 9 posts