jmiller4180's Recent Forum Activity

  • Is Admob Reward Ads not working for anyone else? Doesn't seem like On Video Failed to Load is working either?

    It was working fine, and then it just stopped working all of a sudden. No errors or anything...Does the plugin need to be updated maybe?

    Tagged:

  • Nevermind. This will only allow them to retrieve their own information because that hash is unique to only them. If they tried INSERT data into the database they wouldn't be able to because they don't have a key to generate the correct hash to match the server.

    So I guess my code is fine then.

  • Wait....I am missing something here.

    If I take the

    Domain.com/file.php?Player=JoeCool&hash=generatedhash

    And just paste that into a browser it still gives me information. They dont need the key because you are already passing the hash to the server.

    So when the server checks if

    $player . $key equals the $hash passed in the url it's going to work for the app or just pasted right into a browser.

    What am I missing?

  • Brilliant, easy enough for me to figure out.

    So for anyone who stumbles across this thread. Here is what I did to make this work properly.

    - Get the plugin CBHash for C3.

    - Set a key somewhere in your project. I set it as a instance variable on a random object that I will remember. The key Example is RandomObject.key (which would be 1234567890 if you looked at the variable)

    - Event -> CBHash -> Hash PlayerName&RandomObject.key (Hexadecimal)

    - Event -> System -> Set Variable1 to CBHash.get_lastResult

    - Event -> Ajax -> Request "https://somedomain.com/somefile.php?name=PlayerName&hash=Variable1

    Then in your PHP File it would work like this. Could be GET, REQUEST, or POST I assume.

    $player = $_REQUEST['name'];

    $hashed = $_REQUEST['hash'];

    $key = '1234567890'; //<--- Nobody should see this since its in php.

    $str = $player . $key;

    if (md5($str) === $hashed) {

    //Do something here

    }

  • No, you don't pass the key, it should be kept in secret inside the app and on your server.

    For example, you want to send PlayerName and PlayerScore.

    First you need generate a HashValue = HashFunction(PlayerName & PlayerScore & SecretKey).

    Then you send three fields to the server: PlayerName, PlayerScore and HashValue.

    On the server in php file you need to generate the same hash again, using PlayerName, PlayerScore from the request, and the key stored on the server.

    If both hashes match, then you can be sure that the data was sent by your app and was not compromised.

    .

    I used CBHash plugin (you can find it here) to generate hashes in C3. But you'll also need the same hash function on the server side, I'm sure you can find how to do it on Stackoverflow.

    Ok so inside C3, I just do the following...

    Event-> SHA-256 - Hash -> var1&var2 (or do I has each var individually?)

    Then I guess I am stuck on what to do to call the hashed values into Ajax to send to the server. Is it CBHash.get_lastResult?

  • Can you explain how to do that?

    Wouldn't the key just get passed as a Parameter in the url which could just be copied and used in an external form, url, or app?

  • Try Construct 3

    Develop games in your browser. Powerful, performant & highly capable.

    Try Now Construct 3 users don't see these ads
  • How do I prevent someone from figuring out the PHP Post url and then manually entering data outside of the app just by using the URL with the POST variables in it, or creating a html form with method POST?

  • Son of a gun! That was it. I just installed a free SSL certificate from Comodo to test, and it worked right away....many many hours trying to figure out if my code was wrong, if construct was wrong all to find out it was just that it needed an SSL certificate....bah!

    Thanks for all the help, you helped a lot. I appreciate it.

  • Well generally I would just advise using a host that supports HTTPS, browsers quite aggressively prefer them nowadays.

    Exporting as a HTML game and putting it on a local HTTP server would work. Using something like XAMPP, MAMP or simple-http-server.

    Well its my own dedicated server. I could change it support https if I knew what setting it was, or how to do it. Any ideas on what I could change?

    Right now I have the MYSQL database remote, and my php files on another server. The web server has been allowed to use the remote server by setting the IP of the web server as allowed in MySQL. I checked that it works by doing a simple html form from the web server. So connection, and input is working. I guess I just need to figure out the exact server setting to allow https posts.

  • So testing it by exporting it to nw.js or something would be the only way to see if its working?

  • I am struggling here. I have followed almost every tutorial I could fine about this and it still isn't working. So I am trying to insert data into MySQL using Ajax. It just won't insert into the database no matter what I try.

    I even created a simple test html form to make sure my PHP was working, and it worked fine and entered the data into the database I put in the form.

    Here is what I have in Construct 3

    I used to have it just on clicked on the button to trigger the AJAX, but thought that maybe I had it wrong and I need to do it with mouse. That didn't work either. Any help would be appreciated.

    Tagged:

  • So I figured it out on my own, it wasn't really that hard to be honest.

    1. Just export as NW.js
    2. Unzip the export.
    3. Follow the tutorial here

      partner.steamgames.com/doc/sdk/uploading .

jmiller4180's avatar

jmiller4180

Early Adopter

Member since 31 Jul, 2013

None one is following jmiller4180 yet!

Trophy Case

  • 11-Year Club
  • Coach One of your tutorials has over 1,000 readers
  • RTFM Read the fabulous manual
  • Email Verified

Progress

14/44
How to earn trophies