PHP+jQuery game security - php

I am making a game with PHP and jQuery, but I have some problems with security. It's a typing game, and when the player types the combination correctly, jQuery sends an AJAX request to PHP and PHP adds 10 points to the session. Here is my code:
$('body').on('keyup','.codes_input',function() {
    if($('.codes_input').val() == $('.code').html()) {
        $.post(url+'/save_results',{_token:token});
        points=points+10;
        $('.code').html(randomString());
        $('.codes_input').val('');
        $('.points').html(points);
    }
});
However, my friends could simply make many such $.post(url+'/save_results',{_token:token}); requests in a Chrome extension (if I understood correctly) and get 1000 or even more points (cheating). Is there a way to avoid this? I can't find another way of programming this... Thanks for your help, sorry for my poor English :)

Move the logic of evaluating and awarding points to your PHP layer.
Use jQuery with HTML WebSockets just to submit the answer.
As an example architecture, you can have a look at the following:
Javascript and PHP for real-time multiplayer <- Join this SE network
Real Time Multiplayer in HTML5

Javascript can always be seen by the user, so you cannot really build a secure application like this.
The way to go would be to check via Javascript whether the code is correct (as you already do), and then send the code to the PHP script and validate it there as well.
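
Both answers come down to letting the server decide whether points were earned. The following is an added example (not code from the question or from either answer) of a PHP endpoint that issues each code itself, keeps it in the session, and awards points only for a matching, single-use submission. The function names, session keys, the `answer` field and the minimum solve time are assumptions.

```php
<?php
declare(strict_types=1);
// Added example; names, session keys and limits are assumptions.
const CODE_LENGTH = 8;
const POINTS_PER_CODE = 10;        // the question awards 10 points per code
const MIN_SOLVE_SECONDS = 0.5;     // assumed floor on human typing time

// Generate the next code on the server and remember it in the session.
function issueChallenge(): string
{
    $alphabet = 'abcdefghijklmnopqrstuvwxyz0123456789';
    $code = '';
    for ($i = 0; $i < CODE_LENGTH; $i++) {
        $code .= $alphabet[random_int(0, strlen($alphabet) - 1)];
    }
    $_SESSION['challenge'] = ['code' => $code, 'issued_at' => microtime(true)];
    return $code;
}

// Score one submission. Points are added only when the typed text matches
// the code issued to this session, and each code can be redeemed once.
function submitAnswer(string $typed): array
{
    $challenge = $_SESSION['challenge'] ?? null;
    unset($_SESSION['challenge']);          // consume it, even on failure
    $ok = is_array($challenge)
        && hash_equals($challenge['code'], $typed)
        && (microtime(true) - $challenge['issued_at']) >= MIN_SOLVE_SECONDS;
    if ($ok) {
        $_SESSION['points'] = ($_SESSION['points'] ?? 0) + POINTS_PER_CODE;
    }
    return [
        'correct' => $ok,
        'points'  => $_SESSION['points'] ?? 0,
        'code'    => issueChallenge(),      // next code for the client to show
    ];
}

// Endpoint: GET returns the first code, POST with "answer" scores it.
session_start();
header('Content-Type: application/json');
if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST') {
    $answer = $_POST['answer'] ?? '';
    echo json_encode(submitAnswer(is_string($answer) ? $answer : ''));
} else {
    echo json_encode(['code' => issueChallenge(), 'points' => $_SESSION['points'] ?? 0]);
}
```

The client would display the `code` from each response instead of calling `randomString()` and post the typed text as `answer`; replaying the same request then earns nothing because the stored code has already been consumed. A script that reads the displayed code can still submit it, so the time floor only bounds how fast points can accumulate.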

Related

PHP MySQL and ajax practice projects

What are some good simple projects for practicing PHP and mysql work?? Also implementing Ajax??
I am fairly new to PHP and mysql, and would like to gain more experience, I also enjoy using Ajax and xml
The most simple one is a Signup/Login Form.
While signing up, use JS to validate the form, and an ajax call to submit the form data. And while taking a userId as input, you can use an ajax call "onchange" to verify its existence.
Then go for a Quiz App.
Self issuing Online Library.
And, the best one Online Pizza Ordering System.
How about trying to implement things that Facebook does, for example-
Tagging a person as you type their name
A simple chat box. Also take a look at this SO discussion
Some more googling gives you 25 Excellent Ajax Techniques and Examples

Better way to make chat application?

Currently I'm making a chat application where only admin and users chat, no user-to-user chat. The design is: every chat is stored in the database and every 2 seconds the user and admin make an AJAX request (to a PHP file) to see if there is a new chat dialogue, and if there is, pull the data into the textbox. It all seems normal and working well.
The problem is that as more users are talking to the admin at the same time, the AJAX requests become a lot, and by testing, the web performance already decreased with only 5 users chatting at the same time. And the input is slow too: every time a user presses enter they have to enter the data into the database first before the admin can read it (and vice versa).
I have been told that using JSON is a recommended way, but I have no idea how to do it. Can someone please at least tell me how the design or flow is going to be if I use JSON? Or is there a better way to make it? (By the way, using node.js is currently impossible for my current hosting, so don't put it in suggestion lists, sucks I know).
You should change the AJAX responder PHP's output to JSON. (You can use the json_encode PHP function for example.) And you should parse(eval) this in JavaScript.
I am a bit sceptical. I think it could reduce the network usage by more than 50%.
Maybe you can try a message queue, like 0mq or rabbitmq.
There are a lot of chat examples around.

Online card game + chat with PHP

What would be a good way to make an online card game with chat-function in PHP?
A colleague mentioned Ajax Push Engine (APE) but APE's latest release is from 2009.
Orbited on the other hand doesn't seem to work with PHP.
Is there a viable alternative to those two that works with PHP?
I would just give up. Making a card game with PHP is far too hard since PHP is not really meant for this kind of thing.
Anyway if you really want to give it a try, just use PHP, MYSQL (PDO for example) and AJAX (with jQuery, which I personally love).
Also most of the chats written in PHP are made with AJAX and most of them use jQuery as well.
I've recently also seen some HTML5 stuff for chats: http://weevilgenius.net/2010/10/html-5-websocket-chat-demo/ . But I seriously would never go with such a new technology for a business site.

What to have in mind when building an AJAX-based webapp

We're in the first steps of what will be an AJAX-based webapp where information and generated HTML will be sent backwards and forwards with the help of JSON/POST techniques.
We're able to get the data out quickly without putting too much load on the database with the help of a cache-layer that features memcached as well as disc-based cache. Besides that - what's essential to have in mind when designing AJAX heavy webapps?
Thanks a lot,
Probably the best thing to have in mind is that your app shouldn't be AJAX-based. It should work fine if the user's browser has scripts disabled. Only then should you start layering on AJAX. Stackoverflow is a great example of this. AJAX really improves the experience but it works when it's disabled.
Another thing I like to do is to use the same PHP validation functions for both server-side and client-side validation (as in sending an AJAX request to a script containing the same PHP function) to keep the amount of cross-language code duplication to a minimum.
Read up on Degradable AJAX.
Security for one. JavaScript has a pretty notoriously bad security profile.
These are the two that always get me:
What happens when the user clicks multiple items that may trigger multiple requests that may return out of order?
What happens when a request doesn't come back for one reason or another (timeout, server problem, etc.)? It always happens eventually, and the more gracefully your system fails the better.

Flash vs. Ajax Abilities

I want to develop an application that does a bunch of cool stuff. The first thing that I need in it is to get information about the page a person is browsing.
With that said, I need for example to know how long a user stayed on a page and where the scrollbar was. While getting that data, it's all saved to a database.
The thing is, I prefer doing that in Flash [although I have no experience in it] over Ajax since I want to hide the code - which as far as I know is not possible in Javascript/Ajax.
So, can I do all that in Flash? - Read the content of the page, get the status of the scroll bar..
Plus, I then need to go through the gathered information that is saved in the database. Since there could be many calculations I thought C++ .Net is better than PHP [which I know better].
Is that all possible or am I just crazy? :)
Thanks ahead.
Server side
I think it doesn't matter whether you'll use PHP/C++/Java/Ruby/Python/whatever... each of these is fast enough to do complex calculations, especially if we talk about pure math.
So if PHP is what you know the best, then it's obvious to use it.
Client side
Flash is pretty cool for animations and other visual effects, but for things like scroll position and time spent on the website, JavaScript is just better. It doesn't require third-party plugins, and it's integrated with the DOM. Personally I just think JavaScript is the most proper tool for this task.
I vote for JavaScript, you can do in JS all that you mention, using the DOM, and it does not have a proprietary license.
Although you cannot compile JS code, obfuscation tools offer a decent level of protection. Closure is worth a mention too, YUI minifier etc.
Also check this ready made JS heatmap.
I advise against using C++ for server side programming. You'll be better off with Ruby/PHP etc.
