Reputation: 837
PHP+jQuery game security
I am making a game with PHP and jQuery, but I have some problems with security. It's a typing game, and when player types combination correctly, jQuery sends ajax request to PHP and PHP adds 10 points to session. Here is my code:
$('body').on('keyup','.codes_input',function() {
if($('.codes_input').val() == $('.code').html()) {
$.post(url+'/save_results',{_token:token});
points=points+10;
$('.code').html(randomString());
$('.codes_input').val('');
$('.points').html(points);
}
});
However, my friends could simply do many such $.post(url+'/save_results',{_token:token});requests in chrome extention (if I understood correctly) and got 1000 or even more points (cheating). Is there a way to avoid this? I can't find other way of programming this... Thanks for your help, sorry for my poor english :)
Upvotes: 1
Views: 73
Answers (2)
Reputation: 8036
Move the logic of evaluating and awarding points to you PHP layer.
Use the jQuery with HTML Websockets just to submit the answer .
As an example architecture, you can have a look at the following:
- Javascript and PHP for real-time multiplayer <- Join this SE network
- Real Time Multiplayer in HTML5
Upvotes: 2
Reputation: 742
Javascript can always be seen by the user, so you cannot really build a secure application like this. The way to go would be to check via Javascript whether the code is correct (as you already do), and then send the code to the PHP script and validate it there as well.
Upvotes: 1
Related Questions
- Javascript Ajax PHP non-hackable game solution
- JS/jQuery security
- javascript and php security
- How to create safe scripts PHP + jquery
- Implement Security to this application?
- Protection in my php form
- Possible security concerns with PHP
- How to make a secure game in javascript?
- AJAX Security Help
- How to make my code more secure