Toby R's Recent Forum Activity

  • Version 1.4 available now.

    v1.4 update (2017-01-11)

    • ScreenWidth expression added: Return the width of currently set screen resolution.
    • ScreenHeight expression added: Return the height of currently set screen resolution.
    • GetScreenRatio expression added: Return the (string) aspect ratio of the screen (ex. "16:9") or 0 (integer) if could not detect.
    • IsScreenRatio expression added: Check if screen aspect ratio is equal to "WidthRatio":"HeightRatio". Return 1 if true and 0 if false.
    • GCD expression added: Return the Greatest Common Divisor for a and b parameters or 0 if wasn't found.
    • Is screen aspect ratio(Width ratio, Height ratio) condition added: True when screen aspect ratio is equal to "Width ratio":"Height ratio".

    Trivial example usage of some of new features.

  • I added a little update to the first post, explaining "why this approach over the native globals".

  • I'm back on track with MoModth. A lot has changed. I have moved some functionalities to the MoModth plugin. MoModth is still event based framework, just the absolute core features like modules handling/managing, storage managing and preloader are covered with plugin which makes life easier.

    It is strictly modular based which makes it easy to maintain no matter how big the project is and it's of course highly extensible/customizable. I will post more details soon. For now you can see how the example MoModth controller module looks like: https://puu.sh/th2qK/330bf3c688.png

  • I think you're trying to make what Pode already made. So you can take a look at his code:

  • FYI, NW.js 0.19.2 still produce black screen on OBS without '--disable-direct-composition'.

    Issue will be fixed with Chromium 56. NW.js 0.19.2 is based on Chromium 55, so we still need to wait a little bit.

  • Let me quote myself here as I would write pretty same thing as in my article anyway.

    [quote:3h7zaz9f]The discussions whether native C2 global variables are good or not have been raised many times on the Scirra forum and beyond. Some people say globals are ok, some that they’re not. I’m in this second group and that is why I made this plugin

    Download for C2 Globals.c2addon

    Download for C3 Globals.c3addon

    Please read the short article (more images than text) to unterstand the approach of using this plugin:

    Globals – Construct 2 plugin – alternative for native global variables

    == EDIT ==

    I've been asked several times to explain in more details "why this approach over the native globals". So here is some update to clarify.

    == UPDATE - New extended version ==

    Globals 2.0 is now available in Scirra Store (note that Globals v1.0 is still and will remain free).

    Globals 2.0 is an extended version of Globals plugin with the following extra features:

    • Compatible with Globals 1.0
    • Save/Load variables to System storage
    • Save/Load variables to LocalStorage (or any other place by export/import JSON)
    • Reset variables
    • Can be used as a "struct" data object

    For more details and the video please visit the Globals 2.0 store page.

  • Try Construct 3

    Develop games in your browser. Powerful, performant & highly capable.

    Try Now Construct 3 users don't see these ads
  • Version 1.3 available now.

    v1.3 update (2017-01-09)

    • GetTimerTimeLeft(tag) expression added: Return the remaining time before timer triggers (in milliseconds)
    • Fixed a bug when timer condition was checked before the particular timer tag was started
  • Thank you guys! Glad you found it useful .

    I just updated plugin to v1.2. Added encryption expressions.

    v1.2 update (2017-01-05)

    • Hashing/encoding functions added: Base64, MD5, SHA1, SHA256, SHA512, Super64
  • If you want to keep it a bit more elegant you can use the "If is true" condition from TR_System plugin.

    You can do advanced logical operations there.

  • Just for the record: The request sends an email, password and API key token (like a user registration call). Once you manage to make a fake call (try to register another user) you shall see a server response like this one:

    Please post a call URL and the screen shot once you manage to break the security.

    This is basically a test of C2 (JS) trick-security without using SSL.

    Good Luck!

  • You build it on the fly as you generate keys.

    Uhm... no you don't. There is simply an API key generated on the fly for this specific call. How can a one API key with a lifetime of milliseconds be called a library?

    You are assuming you know the value of the score ahead of time.

    No you don't. I'm not sure what you meant here exactly but there are no assumptions.

    And when your algorithm is as simple as SHA256(score + salt), it is very easy to guess.

    In such a trivial example it might be, but the point is to make it more complex.

    You're not allowed to have any server-side checks though, since that is what the OP was about. This needs to be a pure JS solution.

    Uhm.. what? The point with API key is to validate it on the server side. The OP even provided a sample of PHP script. So it is all about to make a server check and authorise the request or not.

    You don't need to provide me with any code, just send me the URLs/API. I want you to minify it too, just for fun. :-p

    What you want me to minify if you don't want any code? If I'll provide you just a sample URL and and API URL, you will depend purely on luck. The point is to crack it, not to guess it as I am sure you will not guess it.

    So the test would be as following:

    • I will prepare a minified JS code which will make an AJAX call to my server API. This call will make some action on the server - let's say - create an account. So there will be an email and password send over from JS to the server secured in my way without using SSL.
    • Your goal will be to send another request to the server to create new user. So you will have to figure out my security (algorithm) trick and based on it create a request which will cheat my server and allow you to create a new account.

    So the overall test would show how much a non SSL request, covered with hashing tricks is secure. I will send you an HTML5 app which sends the request (like if you had my game locally) and the rest you have to deal yourself. Is that ok for you?

    BTW: It might be easier to talk on Discord or Skype, so PM me after you read it

  • Professional C2 debug tool — Now for sale in the Scirra Store!

    https://www.scirra.com/store/construct2 ... -tool-3121

    What is it about?

    "Debugging is the process of finding and resolving of defects that prevent correct operation of computer software or a system." - Wikipedia

    There are tons of posts, articles and even books about the importance of good debugging tool. Such tool allows you to make your app faster, make it better and more secure.

    MM_Debugger is a tool for developers who think seriously about game development. It has a lot of features that allow you to implement watchers for each section of the project and assertions which immediately alert you about the unexpected behavior in your app workflow.

    Features

    • Enable/Disable debugging (logs, assertions, stack trace) by toggling one property of the plugin,
    • Implement assertions and say "farewell" to unexpected bugs,
    • Assertion report provides detailed information about the place in event sheet of the issue including event sheet name, group name and event number,
    • Implemet Stack Trace logs and save detailed bug reports in files or send them to your server via AJAX,
    • Implement distinct logs for development process and for reports on production,
    • Use multi-tag log system and decide which section of your app you want to debug at the moment by simple tag filtering,
    • Use Spotlight System to override tag filters for quick debug look-ups,
    • Create unit tests to be sure your code is bulletproof

    Use this topic to leave comments, ask questions and talk about Professional C2 debug tool

Toby R's avatar

Toby R

Member since 23 Mar, 2015

Twitter
Toby R has 18 followers

Connect with Toby R

Trophy Case

  • 9-Year Club
  • Forum Contributor Made 100 posts in the forums
  • Forum Patron Made 500 posts in the forums
  • Forum Hero Made 1,000 posts in the forums
  • x6
    Coach One of your tutorials has over 1,000 readers
  • Email Verified

Progress

14/44
How to earn trophies