Jump to content
MakeWebGames

PHP/MongoDB Browser-Based Game Engine


Sh0ckw4ve

Recommended Posts

I recently began the development of a browser-based game engine from scratch in PHP using MongoDB as a database back-end, in the hopes of building an engine that is cleaner, more maintainable/extensible, more scalable and more secure than many current commercially available engines. I am developing it as a base on top of which I am building my own text-based game (http://www.overloadgame.com), which you can check out if you want to give the engine a little spin.

http://i.imgur.com/3gPXrS0.png

http://i.imgur.com/ccC4Teo.png

I am aware that the game is lacking in many features you would normally expect, but the point was more as a technical demonstration of the underlying engine framework, rather than an actual fully-featured game. In addition, although there are some design aspects that are loosely taken from it, I am trying wherever possible to transition away from the stereotypical MCCodes-derived text-based game atmosphere into something new and more interesting.

If I can get the current (alpha) version of the engine complete and in a vaguely usable state, I'll probably start releasing incremental builds of the codebase for other people to use to build their own games on top of.

Link to comment
Share on other sites

  • 2 years later...

It doesn't use MongoDB, it uses plaintext files which store your passwords in plaintext. I just hacked the site and found Sh0ckw4ve's password in it and go figure, he used the same password on these forums too. Always use unique, randomly generated passwords anytime you sign up to anything.

Link to comment
Share on other sites

  • 2 months later...
Can you please inform them that they are also doing it wrong?

Myself and TheMasterGeneral have already done so,

However I would like to point out that many people still use md5 or plain text and for the majority of people that play said game would not know so in the event of a possible compromise it everyone's password's would be exposed and abused.

Link to comment
Share on other sites

Myself and TheMasterGeneral have already done so,

However I would like to point out that many people still use md5 or plain text and for the majority of people that play said game would not know so in the event of a possible compromise it everyone's password's would be exposed and abused.

I'm just informing you that "sha512/sha256" is also incorrect and, in the grand scheme of things, not secure. They are not much better than md5, strictly speaking.

Link to comment
Share on other sites

I'm just informing you that "sha512/sha256" is also incorrect and, in the grand scheme of things, not secure. They are not much better than md5, strictly speaking.

 

I agree sha256/sha512 are not 100% secure although slightly better then having no hash I suppose and yeah give someone enough time with a GPU and a decent wordlist would make most brainwallet passwords that are hashed with say sha256 easily beaten.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...