0

I´m using PHP (I´m a total newbie with this) to get/set the scores of my games and everything is working perfectly, but it´s pretty easy to hack as I´m making my games with Javascript and the user can check the code and see the jQuery part where I send this info to the server like this

$.post( "http://theurl/addScore.php", { game: 1, name: myPlayer, score: Number(myScore) });

I guess there´s no a perfect solution, but at least I want to know how can I turn that "hack" more difficult to the cheater.

Any way to prevent such an easy insert in the database?

Jay Blanchard
  • 34,243
  • 16
  • 77
  • 119
Pizzaboy
  • 331
  • 2
  • 14

1 Answers1

0
  1. Minify your javascript.
  2. On the serverside check for abnormal scores which can't be possible, if so block IP/User.
  3. Encode clientside data, decode on the serverside.
TZHX
  • 5,291
  • 15
  • 47
  • 56
Daan
  • 12,099
  • 6
  • 34
  • 51
  • Well, when I finish the game I always minify the js code, that´s normal. About blocking users... I don´t like that too much, it could be a bug and it would be unfair to block that user, not a good option for me. About encoding in the clientside, is this really an option? Maybe I´m saying something stupid, but if the user sees how the encoding is done, he can hack it anyway (I don´t know if this makes sense...). – Pizzaboy May 19 '15 at 11:38
  • You could also give users a temporary ban. For the encoding, true but it would sure get harder. – Daan May 19 '15 at 11:51