Creating your own asynchronous server... •--•

24567

Comments

  • StormyStudioStormyStudio United KingdomMember Posts: 3,989
    Thanks again for that... I had to fix a few things in the end to get it working.

    • Change "Column" to "col"
    • Change the number 40 to tableRowCount(tableName) as before I'd put 40 to cover cases where the imported table might be particularly long, I guess it does'nt like this number being more than the actual number of rows and so causes an error.
    • removed the speech marks " " from around the key game.GamerId (as noted in your tut video)

    Works like a dream now... a slightly disappointing dream without light sabres, monsters or flying...
  • StormyStudioStormyStudio United KingdomMember Posts: 3,989
    edited February 2014
    How does play normally work with random opponents in games like Words With Friends.

    It always seems like I get to play the first move when ever I play a random opponent..... but surely the other player (the random opponent) must also have chosen to 'play a random opponent' and found themselves taking the 2nd move.

    Have I just been lucky or is there something else going on?
  • Braydon_SFXBraydon_SFX Member, Sous Chef, Bowlboy Sidekick Posts: 9,270
    How does play normally work with random opponents in games like Words With Friends.

    It always seems like I get to play the first move when ever I play a random opponent..... but surely the other player (the random opponent) must also have chosen to 'play a random opponent' and found themselves taking the 2nd move.

    Have I just been lucky or is there something else going on?
    Either player can start first. I've had it both ways.
  • StormyStudioStormyStudio United KingdomMember Posts: 3,989
    How does play normally work with random opponents in games like Words With Friends.

    It always seems like I get to play the first move when ever I play a random opponent..... but surely the other player (the random opponent) must also have chosen to 'play a random opponent' and found themselves taking the 2nd move.

    Have I just been lucky or is there something else going on?
    Either player can start first. I've had it both ways.
    ah good.. that clears that up... I thought some crazy voodoo was at play
  • hangnhangn Member Posts: 28
    Hi,
    you must never use password because gamesalad doesn't have encryption function. Simply use 'login with facebook' function or something like that where user account is attached to there unique facebook id. And for the multiplayer function create a my sql table where every game have a unique id and game data stored in json format. For example in a chess game a http post request to (isitmyturn.php?matchid=xxxx&playerid=xxx) to check if it is your turn then post request to (move.php?matchid=xxx&playerid=xxx&move=xxx) then get request (match.php?id=xxx) to get the current game in json format
  • StormyStudioStormyStudio United KingdomMember Posts: 3,989
    you could encrypt the password in GameSalad yourself by using the new text string rules.. would take some doing… At the moment the password is encrypted on arrival at the PHP url address along with any other important info…

    It's already setup so it is generating a unique user id when registering… and a unique game id with the creation of a new game (currently only setup for creating random opponent games, but the process will be similar for all sorts of game play).

    You must be logged in, and this is checked using the encrypted user id and password.

    The game data is stored in mysql tables… then when requested, the need info is moved to a temporary table, where it is compiled into a JSON file and sent to the GS game… at which point the appropriate info is used as needed.
  • ultimaultima Member, PRO Posts: 1,207
    Stormy, great work. I wonder if we can open up a new section in the Pro forum that is dedicated to these kind of projects that enhances the capability of GS, open source like projects, through collaborative efforts. I know GS is wanting to create features that allows for native objective C add on support it would only make sense if we start to pave way to crate these joint effort projects ;)

    with that said i know you single handedly built this awesome project, but wouldn't you like some helping hands sometimes =)
  • StormyStudioStormyStudio United KingdomMember Posts: 3,989
    edited February 2014
    @ultima 110% agree that adding a section for open source projects would be a great idea. The thing you guys are doing with the open source keyboard project is looking seriously good, and the fact its being shared freely makes it all the more impressive.

    I would'nt have got any of this server stuff done without Jon Mulcahys excellent tutorial and PHP code he shared with the forum. He must have put in some serious hours working out how to successfully send and receive tables between GS and his server. Then to share it freely was very generous. Which spurred me on to share the facebook integration stuff.

    Eventually once my own asynchronous system is working I'll try and share parts of it, or make a pretty heavy tutorial video.

    ... and yes definitely up for some helping hands.

    ENCRYPTING INSIDE GAMESALAD:
    If someone could think of a smart way to encode a text string inside of Gamesalad that might be useful.

    Perhaps each letter entered in a password (or email address) would refer to a column in a table, which is full of different letters or a few letters...and where that letter is in the word gives a number for the row so a different encryption would happen depending on the position of the letter in a word.

    So..

    'p' = 'z342'

    This then builds up an encrypted word which is the one which is saved in GS and sent to the server (where it's encrypted again using a far more secure method). The original password never needs to be saved anywhere, as when ever it is entered for logging in the same encryption process would occur so the encrypted word is what is checked for login not the users actual own password.

    Not sure how secure it could ever be, as someone could reverse engineer the encryption easily if they could hack the game and open it as a GS project.

    But at least it would take more work and makes the whole thing more secure again as someone would have to not only gain access to the server database and PHP files, and reverse that encoding... they'd have to also hack the project..

    It could possibly be made more secure by generating a random string as well. Could be done using random (1,100) which selects a letter from a table, and builds up a string of 200 letters and is saved in the game. Which is unique to the players own install of the game and could be used alongside their password some how. This however would cause problems if you deleted the game and tried logging in again, or tried logging in on a different device... Hmm... tricky...
  • PhoticsPhotics Member Posts: 4,172
    edited February 2014
    ... and yes definitely up for some helping hands.
    https://github.com/
    If someone could think of a smart way to encode a text string inside of Gamesalad that might be useful.
    Encryption (and pesky metrics gathering) is why I haven't tried to build a GameSalad game server. Technically, all the pieces are there for GameSalad to be awesome.

    However, since I'm busy finishing up the Stencyl textbook, I'm reluctant to work with GameSalad because it still limits the developer. Remember how long it took to get a Unix TimeStamp in GameSalad? I remember complaining about that for a while. With Stencyl, I wrote two lines of code and done. GameSalad could really be more helpful to pro developers. I think GameSalad would do better supporting a project like this than adding Playstogether support. If Jon and Stormy can do this, shouldn't GameSalad be able to build their own gaming server? That way, Pro users can use their own server, while GameSalad can make money from developers that don't want to run their own server.

    Anyway, about encryption, using the app to create your own code doesn't seem very secure to me. Once an app is on the app store, the app can be cracked. The secret code encrypting passwords could be easily compromised.

    Does HTTPS / SSL work?

    It's great to see this kind of thread, @StormyStudio and @jonmulcahy nice work.
  • StormyStudioStormyStudio United KingdomMember Posts: 3,989
    edited February 2014
    @Photics

    Anyway, about encryption, using the app to create your own code doesn't seem very secure to me. Once an app is on the app store, the app can be cracked. The secret code encrypting passwords could be easily compromised.

    That's why I mentioned the idea for generating a unique number which could affect the encryption... but then it would'nt work if you tried logging in with a different system.. I reckon there might be a way... needs more thought....

    Does HTTPS / SSL work?
    They're adding HTTPS support right now... so should be here in relatively soon ish...

    It's great to see this kind of thread, @StormyStudio and @jonmulcahy nice work.
    Thanks, it is pretty cool.. complicated but cool. Hopefully more things like this will pop up.. especially when they introduce some sort of scripting...
  • PhoticsPhotics Member Posts: 4,172
    They're adding HTTPS support right now... so should be here in relatively soon ish...
    Wow, that's the missing piece.

    Unfortunately, "Metrics Gathering Opt-out" is currently at the bottom of the roadmap... http://gamesalad.com/creator/roadmap

    I'm not sure what to do with GameSalad. It really shouldn't be this difficult.

    I'm sitting on a game that could reach a large audience. It's about half finished in Stencyl and half finished in GameSalad. I had trouble with universal binary support in Stencyl. Porting it to Stencyl 3.0 has been rough too. Meanwhile, GameSalad has metrics gathering. That's a professional no-no. It makes GameSalad a non-starter.

    This project I've been working on should be a multiplayer game! Now, it seems that I can accomplish that task with either GameSalad or Stencyl. But with a deadline two months away, it looks like I'm going to have to make a decision soon.
  • StormyStudioStormyStudio United KingdomMember Posts: 3,989
    edited February 2014
    Update on where I am with this...

    AWESOME MULTIPLAYER with friends

    • When successfully registered or logged your put through to the main menu scene.
    • Where it will load up any active games you have in the 'current games menu'
    • You can create a 'random' opponent game, which generates some basic game info on the database and is updated in the game.
    • You can log out, which clears any saved data and puts you back to the main menu.
    • You can log back in and it will load up the relevant players info.





    Main thing I've learnt is a 4 step approach to achieve the requesting and receiving of data from the server.

    1a. Send Table to URL, where PHP file can extract a userid or game id.
    1b. Server then copies required info into a temporary Table.
    1c. GS receives 'call back' knowing step 1 is successful, which triggers step 2.

    2a. Get Table from URL, where PHP collects new table into JSON format and sends to GS
    2b. GS receives Table, and can copy data to another table or what ever, picking out the user id's rows (as there is a tiny tiny chance of bringing in another users data at the same time).
    2c. GS receives 'call back' knowing step 2 is successful which triggers step 3.

    3a. Send a table to URL, with a confirmation (users id) that table is received.
    3b. Server then receives confirmation which triggers the clearing of the temporary table (making sure to only clear this users rows from the table,)
    3c. GS receive 'call back' knowing step 3 was sent to Server.

    Step 3 stops the temp table filling up, and unnecessary massive tables being sent to GS.

    Still RIDICULOUS AMOUNTS to do.
    need to import game data if your player two in a game (just does player 1 at the moment), need to create some sort of invite system where you can invite friends (email, facebook), build a friends list, facebook login setup. Have invitations to play pop up in game, ability to accept invitations.

    Only after that stuff and 10,000 other things I've not yet considered will I need to create a perfect working way to collect and send the game state between players to make the actual gameplay work. (Already done some planning for this.)

    Then I want to build my own leaderboard and player acheivements system, a custom avatar creator where the created character can be seen in your opponents game. Custom keyboard.

    Then I'll rebuild the game prototype (currently secret idea). Then build in some in-app purchases that I want, that don't break the multiplayer gameplay... and aren't essential to enjoying the game... oh and tonnes of stunning original art work and animation.

    Screw it... maybe I'll join the flappy parade.... joke ... ( for now) :-)

    Edit: Before I move on, it seems mySQL (the database software) is near the end of the line and won't be supported in newer versions of PHP. So I may as well learn one of the new options instead of learning the old one... the new options are PDO, or mySQLi. Noticed the 'i' at the end there.. makes all the difference.

    Tutorial on going from mySQL to PDO here. (at first glance it looks easier than moving to mySQLi)
    http://wiki.hashphp.org/PDO_Tutorial_for_MySQL_Developers


  • jonmulcahyjonmulcahy Member, Sous Chef, PRO Posts: 10,406
    awesome stuff. i wish i worked on this full time so I could really have fun with it
  • StormyStudioStormyStudio United KingdomMember Posts: 3,989
    edited February 2014
    awesome stuff. i wish i worked on this full time so I could really have fun with it
    same here... I wish I could spend more time on it... also it would be handy if you could too, as you might solve problems before I reach them.... Often when I'm starring at all the lines of code in a PHP file it means absolutely nothing and I just re-read over the same paragraphs of code again and again.. and again...... must drink more coffee and sleep more.

    Also googling for a bit of code or explanation often involves reading over 20 answers to find the one you want. Neo I am definately not.

  • PhoticsPhotics Member Posts: 4,172
    edited February 2014
    awesome stuff. i wish i worked on this full time so I could really have fun with it
    same here... I wish I could spend more time on it... also wish you could too

    It seems like GameSalad should hire the two of you, so they can have their own multiplayer server.

    If that's not possible, maybe there's another option. Perhaps this could be a Kickstarter project. Maybe a pledge is $100 for your own game server software (just high scores), $250 for advanced version (asynchronous multiplayer) or $1000 advertisement link. Make it compatible with Stencyl, GameSalad, Corona and all of the popular game development software out there. If a goal of $200,000 is reached, that could mean $100,000 for each of you.

    Would it work? I don't know. It could be risky and difficult.

    I was thinking of creating a multiplayer server, but I'm just too busy. I think I found what I like to do already. I've been making books. I'm good at it and I like the pace.

    I don't know what your situation is like. But if multiplayer gaming is your passion, Kickstarter might be something to consider.
  • StormyStudioStormyStudio United KingdomMember Posts: 3,989
    edited February 2014
    @Photics‌ it's a nice idea and if it could be done in a tidy package I can see there could be massive demand for that.

    But what I really want to do, is make games and enjoy the process. Earn enough doing that, that I can do it all the time, and choose to do nothing some of the time (by nothing I mean family, surfing, make a film, write a book, grow a longer beard).

    My day job gets in the way at the moment but unfortunately it pays the bills and it's really not a bad job at all. I will however jump one day... and there were some options that came about after my ultimately failed kickstarter for Dark Asylum just over a year ago. The day job is good though as I'm currently story boarding (using real pencils) a 2 minute elaborate domino run to be made in Cinema 4D for a well known tech company.

    Would rather be finishing this async stuff, or drawing out sketches for the games characters though.

    I've still got my digital copy of your GameSalad book, I was always impressed at how well made that was.
  • jonmulcahyjonmulcahy Member, Sous Chef, PRO Posts: 10,406
    @Photics‌
    that is a nice idea, but like Stormy I do this on the side for fun. I wish i had more time in the day to pursue something grander.

    i have some ideas I've been mulling over in my head. you've put a few new ideas in there too :)
  • PhoticsPhotics Member Posts: 4,172
    edited February 2014
    @Photics‌
    that is a nice idea, but like Stormy I do this on the side for fun.
    Well, the other option is to spin it into an open source project. That's why I posted a link to GitHub.

    Although, I understand being busy. I'm so behind on the Stencyl textbook. I remember wanting to look at http://www.red5.org/ to see if it could be used for multiplayer games with GameSalad and Stencyl. I didn't get around to it. Now, I'm just more excited about making books.

    Also, PHP might not be the best platform for multiplayer. For high scores, it's OK. But once you get into lots of simultaneous connections, the server could start to slow down. I'm not sure, but maybe node.js can help... http://nodejs.org/

  • StormyStudioStormyStudio United KingdomMember Posts: 3,989
    Thanks @Photics
    node.js looks interesting... will read up on that a bit tomorrow. Though I have just started rewriting my PHP code to work with 'PDO mySQL' rather than 'old mysql'...

    But first.. off to pub quiz...
  • DenimSharkDenimShark Member Posts: 192
    What string rules do we currently have in the newest nightlies? I'll look into the whole encryption thing but I strongly suggest against anyone creating their own encryption hacks like the table trick you mentioned unless you have some solid background in the field.
  • StormyStudioStormyStudio United KingdomMember Posts: 3,989
    @DenimShark‌
    Pdf about the new strings... and other bits.
    http://gsdc.gamesalad.com/2014/01/30/17/19/52/28/NewFeatures_JS_v5.pdf
    and here was the post about them. (It was in the pro forum section)
    http://forums.gamesalad.com/discussion/63756/nightly-build-0-0-0-221-is-up

    At the moment any encrypting done inside of GS will help to a point. The server can be made very secure, but I guess there will always be ways for hackers to get in if they know what they're doing. If Sony Playstation can be hacked.. then I guess my game server can too. But you can add some seriously advanced encryption on the server.

    If important info was encrypted in the game before then someone would have to hack both the server login and PHP encryption that I apply to incoming data for user ids and passwords, as well as hacking the published app to be able to reverse the encryption there to retrieve email address, passwords etc..

    At the moment I understand it's still possible for people to reverse engineer a published app into a GS project quite easily. Not sure how, and I may be wrong but that was the case at one point.

    I think it was on GS's roadmap to make it harder to hack a project. They had a much more impressive sounding word than 'stopping hacks'.
  • beefy_clyrobeefy_clyro Member Posts: 5,390
    They had a much more impressive sounding word than 'stopping hacks'.
    obfuscation

    Oh and good update and all that ;) Loving the dedication towards this
  • DenimSharkDenimShark Member Posts: 192
    If important info was encrypted in the game before then someone would have to hack both the server login and PHP encryption that I apply to incoming data for user ids and passwords, as well as hacking the published app to be able to reverse the encryption there to retrieve email address, passwords etc..

    This is the kind of mistakes one can make when they haven't done their homework. The hacker will exploit every point of vulnerability, and will simply need to break your ingame encryption, from there on he can login using users credentials and your server side encryption wont matter. I'll look into the links though and see if I can think of something even remotely usable but as a warning, this should not be overlooked.
  • StormyStudioStormyStudio United KingdomMember Posts: 3,989
    It's fair to say, I haven't done much homework on this.

    If someone hacked the game project though by itself how would they be able to login using a users credentials... they wouldn't know any users credentials (username, password) unless the Server is also hacked?.. or they've got them from elsewhere.

    I may be wrong but I think you'd need both..

    ...I guess you could add a 3rd verification with a pin number entry at login. But that's one more annoying step for a user who just wants to play your game.
  • HopscotchHopscotch Member, PRO Posts: 2,782
    edited February 2014
    @StormyStudio, my highest respect for your dedication and transparency in your efforts.

    Related to https, I am keen to see if GS makes some encoding and encription string functions available for us. They have the mechanisms in the system already.

    This would allow a decent public/private key implementation.

    Fully aware that the GSTeam is hard at work and doing a great job moving forward, maybe @BlackCloakGS could send some love your way, indicating if such functions are something we can hope for ( :-* ? ).
  • hangnhangn Member Posts: 28
    Don't use email and password. Simply generate unique player id server side and store it on device. This is the most secure way.
  • HopscotchHopscotch Member, PRO Posts: 2,782
    @hangn, it is an option, but not if you aim to allow one identity accross devices. Or what happens if you have to reinstall your game.
  • hangnhangn Member Posts: 28
    You can associate it with facebook/google plus account Or send confirmation sms.
  • HopscotchHopscotch Member, PRO Posts: 2,782
    This is just banter, no critique @hangn.

    Although these are options, the SMS route is very involved, especially since GS does not give us access to device funcions or notification services.

    The facebook/google plus route is the most straight forward, but we need a more generic option.

    Many people, specially teenagers, are moving to other social media options. Tying yourself to a specific brand would be limiting, trying to accomodate all the important ones would be a huge ever expanding undertaking.
  • StormyStudioStormyStudio United KingdomMember Posts: 3,989
    @hangn that is a good option, and could work...

    If you chose to register with email it could still be done on the server using the embedded browser rather than in the GS game itself.
    Though as with my facebook integration, having to go via the embedded browser is a shame and may look a bit clunky.

    Only allowing facebook, twitter or google+ for registration would limit your user base as some people are anti social networks..

    Hmm.... any other ideas?
Sign In or Register to comment.