game fully workin

[Octet]

You main security problem is going to be SQL Injection and trying to stop it.

The trick is to never trust user input, with SQL injection you can enter a piece of code into a form and you can execute it because it is now classed as part of the script. This means that you could exploit the entire database if someone knew what they are doing.

The simplest but only a limited fix is to include mysql_real_escape_string on your user input. Validation and Sanitation are the most important things, make sure it is what the user was supposed to enter and then clean it of any potential code anyway.

[ColdBlooded]

Well one of the security issue is sadly the same with ANY McCode game: If somebody smart enough post a link of the kind: http://yourgame.com/admin.php?cmd=make_me_admin&id=userid (the url is wrong and doesn't work on purpose) and an admin click it you get the admin rights. Now you may think, sure no admins will ever click this link, ok, then what if you put the same link into a site like http://tinyurl.com/ which change the URL in something different, and then redirect there? Now leave a comment like: look what my cat did yesterday, and be sure somebody will click it. Same will work with any other function of the game.

This is a major issue and none of the current McCode do anything to avoid it.

Another issue is try to add some JS code in your forum signature, and you end up having a critical error on your server while viewing the forum post.

How can you fix those? For the first issue, the only way to fix it is to have tokens in the URL... I will not give more details you will have to discover it or... use my engine :-P

For the second issue here disclosed, you shall find the fix, I don't want to dig inside the code.

You think those are the only one? Nope, and what's worse, just google for mccode hack / exploit and you shall find tons of info... too bad.

"If somebody smart enough post a link of the kind: http://yourgame.com/admin.php?cmd=ma...dmin&id=userid (the url is wrong and doesn't work on purpose) and an admin click it you get the admin rights"

This bug was fixed many months ago. In the patch for MCCode engine v2.0.4 - documented in the changes text file.

We disallow http posting in the game in multiple sections.

The JS error on the forums, I'm not sure on how to reproduce that. Unsure of what to put to get a critical error. Could you please PM me the details?

How would I proceed if I was you? For sure stop publishing your game with your link as people could even hack your account... if they try a bit harder. Beside that, I would start writing down a story, setup the game mechanism (all text), and then decide the way to implement it (using an engine or write all yourself). Hard work? Sure thing, a LOT of work. Having a game is something which will eat you a lot of time if you want to have even something remotely successful. Count between 1-2 years if you are a fast coder to more if you are new and write all yourself.

1-2 years for any game dev, are you serious? That's just demoralizing for many game owners - there has been, there are and there will be successful mccode games out there. Defining success here as having 50-100 users online daily. Turning over $100usd+ daily. A lot of game owners are happy with this level of activity in their game after they have invested maybe a month or 2 of preparing the game for production. You should research the market for game owners and game players. It's quite interesting.

Thanks.

[a_bertrand]

I shall give you more info on Monday.

For the year or two of development its the time I took as well as what I saw from others. Sure using as n engine saves you loads of time, specially if you keep most of it. But you will not end up with your game. Just a game. You may have a different opinion of course. For me, to design a sory, setup the rules try them tweak, and improve the game experience does take a year or more. Call me slow if you want.

[Dominion]

1 to 2 years to build a game system? Erm, I beg to differ since I built 2 in around 8 months, which were both independent of each other. One was for a client, which I completed and one was my own...

The back end was complete and most of the game play, then I gave up on it. Fact of the matter is with a couple more days, it would have been ready for launch, so again, where did you get this info?

Depends on the end product. Something like a pure text based engine (or even full game) is not going to take you two years. Something more along the lines of NEAB or nebular rider (A_b's other project) is not something you get done in a matter of weeks.

As for your claim about building a site ready for a full opening that quickly I will assume you mean ready for the Beta testing since I for one claim that as part of development. Would have added yet more time depending on the people testing and what they found. Everyone is different in time frames, and what they actually produce. You can't normally say if it's taking to long unless you have seen the product and even then it's simply an opinion. Just as A_b's is on a good time frame to set yourself.

Edited July 11, 2012 by Dominion

[lucky3809]

It really depends on how many hours you put into it a day, as for me it's taking me a long time over the 2 year mark I am very limited to timing and only put in 3 hours at the most, and that is not an everyday occurrence, so a_bertrand timing seems about correct even for someone putting 3 hours in it every single day or more without missing days in coding it.

It also depends on if you are working in a team, or doing it all by yourself also.

It's not about how fast you get it done, it's about what the quality of it is after it is finished, why rush into it? Seems stupid to do so, so many errors can happen when you rush a development.

Edit: For instance MCCODES!! Look at all the errors in that engine, and even after whomever recoded it in redux there are STILL errors. Perhaps these errors were from rushing the development of it. If you spent longer time on it, and went through everything and tested it, there would not be errors, or security flaws for that matter.

With what i have seen with a_bertrand demo engine, it was well put together with no errors at all, and you can tell he took his time to get it right, it has quality that mccodes do not have!

Edited July 11, 2012 by lucky3809

[Paul Evans]

A friend of mine owned Killah-City and made over 2k from it after buying it from a user of MWG user for under 300 it ran on mcv2 old school with the bugs, fixed the bugs and presto game made 2k in the year it was in her hands till she sold it then the managers of the game killed it.

MCC makes money no matter how you look at it

http://www.immortalnight.com/login.php

http://www.samuraioflegend.com/login.php

There is a list of successful mcc based games and a list of dead ones it's not the script it's the owners Ruler of Zu was originally mcc and his game is amazingly successfull.

[ColdBlooded]

I shall give you more info on Monday.

For the year or two of development its the time I took as well as what I saw from others. Sure using as n engine saves you loads of time, specially if you keep most of it. But you will not end up with your game. Just a game. You may have a different opinion of course. For me, to design a sory, setup the rules try them tweak, and improve the game experience does take a year or more. Call me slow if you want.

A game and not your game? - Please clarify what you mean there. In my views, a person buying a game package/license means its their game. They will put all efforts into expanding that game before it is released to the public. Obviously they will add content (design, story, rules/regulations, tweaks, etc) otherwise game will be just a factory stock game. You can't expect each individual to write their own game from the ground up in order to deserve a title as "My Game :)".

Many organizations out there base their creation on platforms to avoid development overhead time / costs / community awareness.

So IMO, they have all rights to call it as "my game", hence, "your game".

I look forward to it on Monday.

[Octet]

In my opinion you can call it your game, as you said ColdBlooded, if you have the rights to it. Although at that point I believe you only should say you have the rights to it, and then once you begin adding your own content to it you can claim it as your own game, otherwise it is just plagiarism.

Depending on how much of your own content you add shall depend on how much you can call it your own, for example I wouldn't be happy to call it fully my own unless I did everything including writing the engine and doing the graphics.

[ColdBlooded]

Octet - Absolutely. All depends on a persons preference. A coder and innovator like Alain Bertrand would never classify a work as "His work" unless he has done substantial amount of work on it. Whereas, another party would claim it as their work even if they purchased the software platform from else where and based their work on top of that. Which is, ofcourse.. totally fine.

[a_bertrand]

Well, if you check the quantity of McCode games (and not only the couple which goes out of the standard and transform it), I would say most don't add any story, content, rules or anything. So this is why I would say it's not their games but as you stated yourself a "factory game". You guys (CB, Dabs) are the one to say McCode is a pre-made ready to be played game, and this is part of the problem. Don't take it wrongly, it's not your fault, it's the fault of the people which buy it, put it online and hope to have a unique game just by changing the layout and maybe adding a couple of mods.

To have a good story, a good content, good rules, for me it takes more than simply a couple of weeks or months, that's where my time frame came. Maybe I gave too much time on it, could well be as I never used any pre-made engine. So that's my fault.

Of course I don't expect either that everyone does all by his/her own, and starting from an engine does help. It would be stupid to re-invent a programming language, or code everything in assembler just to say you have your own game. So try to see what I mean: without investing a lot of time (how much needs to be defined here), a "published" game will not be your game but just a... yet another copy of...

[KyleMassacre]

It may just be me but I feel that no matter what "retail" engine you use that its pretty difficult for the beginner to novice game developers to get the feel of the engine out of the game and if you can do so fairly easily then why bother purchasing a game engine. I also feel that people need to start cutting the games out there some slack because of this especially with the vast amount of games that I have seen popping up in the couple of years that I have been in text based MMORPGs.

And as far as the mods, that is what we come here for whether it be to purchase or ask for help cause I will be the first to admit I can't write a mod from scratch for the life of me so you will see the same ol' mods in almist every game.

In a couple of years whats going to be left for someone to come up with that is how you say "new"?

The only thing that I feel is going to make a game worth it is a combo of what paul and alain have stated a game needs a good owner that is willing to put effort into it and also its going to need some sort of story to keep the players interested.

Myself, ive been developing a new game for quite sometime and it will take me quite a few months to get it to where "I" feel its a little different.

Back to what, I stated above about any game engine is that its designed for people that cannot create their own like myself. I can guarantee you that over half this community has purchased a game engine because they can not write it themselves and I can also guarantee that half of those people were you at one point in time.

And sorry for rambling on I tend to do that but I hope you guys understand where I am coming from, im just trying to stick up for us little guys no matter how crappy their game is/was/will be because it has the "feel" of the engine.

MCC will feel like MCC, NWE will feel like NWE, so on and so forth.

[a_bertrand]

Yes and no. An engine can have a fell, and will in most hands as the owners stops as soon as they get a basic game running. However what I call an engine and not a pre-made game is a framework which helps you creating YOUR game, which let you change things as you want them, and ultimately do whatever you want, yet you may wonder then what's the pro of an engine, the answer is easy: it let you start with the tools you need to quickly get some results, it creates you the foundations to build your game, being security, db, stat / items, template and more. So should all NWE game look the same? I hope to prove at some point that you can make completely different games out of it due to the modular design, however I will do so only after the first full package is finished. McCode V2 sadly can't really do that as it's all glue together.

If you use smarty as comparison, or the Zend framework, you may do basically any kind of PHP applications, right? Do they feel all the same? No for sure not. That's exactly what a game engine should do, help you develop your game but don't block you in the way to customize your game. And modifying the core file, even if it's for sure allowed is not really the way to do it in my opinion as you would loose any possible future upgrade advantages.