shrek1609 Posted May 7, 2009 Posted May 7, 2009 I have been reading up a lot on security just lately and in the process of recoding all my files securely... however... as i see it there is no such thing as a totally secure site, anything is hackable... Now the problem with hacking attempts as i see it is the injection of large amounts of cash or crystals going into the game... Now before you say code it securely, there is always a way round everything... so i have come up with some ideas... 1. Work out some amounts ie how much money and crystals would be impossible to have under a certain level, then add the code in header eg: if money > x and level < x (then fedjail) this could be done for gang vault, banks etc 2. another idea i've had is to code the bank accounts so that they can only hold a certain amount which increases daily... eg day one $250k day two $500k day 3 $750k (obviously set up for your games economy) 3. crystals, again increase the amount of crystals they can hold daily, my max paypal purchase is 15k of crystals... so day one they can hold 20k day two 21k etc... basically code in a cap on the amount of crystals one member can hold.... ok i've just come up with these ideas, i would appreciate some feedback on these and if enough post then i will code these in and post the code for them... Quote
Dayo Posted May 7, 2009 Posted May 7, 2009 Re: Security of your game... what if you have a money/cryatal cap just add this in header if($ir['money'] > $mcap) { echo 'you have too much money you are only alowed ${$mcap}'; $h->endpage; EXIT; } if($ir['crystals'] > $ccap) { echo 'you have too much money you are only alowed ${$Ccap}'; $h->endpage; EXIT; } cos if you were smart you would send 6/10th of the cap to a enemy member/leader and get some 1 to send 5/10th then there leader would get feded automaticly. 2. i made a bank cap so members can only have 1-2bill 3. Quote
shrek1609 Posted May 7, 2009 Author Posted May 7, 2009 Re: Security of your game... well i've actually revamped this idea... the rolling caps ie upgraded for each day old, if you exceeded the amount allowed your account would be frozen with a message popping up for only staff to see (in header) to investigate it... and either ban or unfreeze as appropriate you could change your rules if people were sending money to freeze peoples accounts then they get banned for x amount of days... crystals wouldnt be a problem no one would send them as too valuable just to get someone frozen... Quote
Miniman Posted May 7, 2009 Posted May 7, 2009 Re: Security of your game... well i've actually revamped this idea... the rolling caps ie upgraded for each day old, if you exceeded the amount allowed your account would be frozen with a message popping up for only staff to see (in header) to investigate it... and either ban or unfreeze as appropriate you could change your rules if people were sending money to freeze peoples accounts then they get banned for x amount of days... crystals wouldnt be a problem no one would send them as too valuable just to get someone frozen... That's a good idea if I'm reading right. Check if the user has over the amount they should have for their age and just freeze their account? So they can't send anything, not even messages, and they can't be attacked (this will stop people mugging them) And then it could be unfrozen when the account has been investigated. Quote
shrek1609 Posted May 7, 2009 Author Posted May 7, 2009 Re: Security of your game... yep spot on Miniman... a few comments from my staff have been for the crystal cap what if someone played before... sold his account and wanted to start again and buy a shed load of crystals... he would end up frozen and upset after spending lots of real life money... so simple solution to this is in the donator files where it updates the crystals after a paypal purchase add a query to increase the cap by the amount of crystals purchased... lets face it a donator is very unlikely to hack :-D Quote
Miniman Posted May 7, 2009 Posted May 7, 2009 Re: Security of your game... But as you said, sites are never 100% secure no matter how hard you try. But it's an online game we are talking about, what really good hacker is gonna want to spend his time hacking an online game? Say if you got your site 99.9% secure, the website to important files and goverment information is that secure, what's the hacker gonna wanna target? lol I suggest just securing your site as much as possible and if the problem still happens then use this method ;) Quote
shrek1609 Posted May 7, 2009 Author Posted May 7, 2009 Re: Security of your game... i agree with what you are saying although if you think about these extra suggestions i have stated here, they are good for a live site while you are going through script to securing it... all above would only take a very short time to implement :) Quote
CrazyT Posted August 27, 2009 Posted August 27, 2009 Re: Security of your game... what if you have a money/cryatal cap just add this in header if($ir['money'] > $mcap) { echo 'you have too much money you are only alowed ${$mcap}'; $h->endpage; EXIT; } if($ir['crystals'] > $ccap) { echo 'you have too much money you are only alowed ${$Ccap}'; $h->endpage; EXIT; } That would throw a error. You would use $this->endpage(); Instead of $h->endpage; Quote
Lowball Posted September 5, 2009 Posted September 5, 2009 Re: Security of your game... In my game(s) if you over X amount of $$ it drops the player to zero, tells them the admin is investigating, sends them an event says the same thing, then sends me an email telling me to investigate, and how much they had. It's not likely it was a hack, but might also be a bug, or in the case where it was legit, I will refund the money, bankmoney or points, and up the limits. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.