duankeng1911 2011-11-26 13:55
浏览 42
已采纳

防止网络游戏上的AJAX作弊[重复]

This question already has an answer here:

Context

I have a web game in JavaScript.

I send scores and achievements with AJAX during the game.

So anyone can view the source code, copy this request and cheat on my game.

Questions

  • Any idea of how prevent this?
  • With a token from server (I never used this system)?

Code

jquery:

$.post('ajax/score.php', {pseudo: $pseudo, score: $score, achiev: $achiev},
    function(data) {
        $('#loader').show().delay(3000).fadeOut(1000);
    }
);

php:

if (isset($_POST['pseudo']) &&
    isset($_POST['score']) && 
    isset($_POST['achiev'])) {
    ...
}

</div>
  • 写回答

1条回答 默认 最新

  • doushang3352 2011-11-26 14:10
    关注

    As the game is client side, there is no way to ensure that they do not "cheat". There are ways to make it more difficult.

    • Have all calculations performed serverside, and send back tokens...this may not be possible/feasible for your game.
    • Change the code served each time so that it will require more time to "decipher" all the requests.
    • Obfuscate the code...this is only a deterrent.
    • Have "tokens" sent during the game to see if the data matches (for example you can't win the racing game in 5 sec)...this too can be spoofed.

    As long as the game is client side, it cannot be "secured".

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 目前主流的音乐软件,像网易云音乐,QQ音乐他们的前端和后台部分是用的什么技术实现的?求解!
  • ¥60 pb数据库修改与连接
  • ¥15 spss统计中二分类变量和有序变量的相关性分析可以用kendall相关分析吗?
  • ¥15 拟通过pc下指令到安卓系统,如果追求响应速度,尽可能无延迟,是不是用安卓模拟器会优于实体的安卓手机?如果是,可以快多少毫秒?
  • ¥20 神经网络Sequential name=sequential, built=False
  • ¥16 Qphython 用xlrd读取excel报错
  • ¥15 单片机学习顺序问题!!
  • ¥15 ikuai客户端多拨vpn,重启总是有个别重拨不上
  • ¥20 关于#anlogic#sdram#的问题,如何解决?(关键词-performance)
  • ¥15 相敏解调 matlab