Jump to content

[TOPIC: topicViewTemplate]
[GLOBAL: userSmallPhoto]
Photo

Send/receive data from MySQL external
Started by jcarlosnunezperez May 23 2019 12:16 PM

- - - - -
3 replies to this topic
[TOPIC CONTROLS]
[/TOPIC CONTROLS]
[modOptionsDropdown]
[/modOptionsDropdown]
[reputationFilter]
[TOPIC: post.html]
#1

jcarlosnunezperez

[GLOBAL: userInfoPane.html]
jcarlosnunezperez
  • Observer

  • 16 posts
  • Corona SDK

Hi, I need a simple ranking with only this:

 

Name - Points

 

In a table MySQL with the columns.

 

I have this code (i'm new in corona, sorry xD)

local json = require ( "json" )
local myNewData 
local decodedData
 
local function networkListener( event )
    if ( event.isError ) then
        print( "Network error!" )
    else
        myNewData = event.response
        print ( "From server: " .. myNewData )
        decodedData = ( json.decode( myNewData ) )
	    timer.performWithDelay(10, function() 
        end, 1)
    end
end
 
local function uploadScore()
	puntos = "80000"
	nick = "nickTEST"

 
	network.request( "http://xxxxxxx.es/json.php?nick=" .. nick .. "&total=" .. puntos, "POST", networkListener )

end
 
uploadScore()

Ok, this works for upload because I only call to URL and with GET update the table..

 

But.. Hackers can **** my scores in less than 1 sec xD

 

How can I do it, with more security, only need this, upload score, and maybe some day download scores.



[TOPIC: post.html]
#2

SGS

[GLOBAL: userInfoPane.html]
SGS
  • Corona Geek

  • 2,120 posts
  • Corona SDK

For a start use SSL to connect to your database.  Look into encrypting your requests using the crypto library



[TOPIC: post.html]
#3

richard11

[GLOBAL: userInfoPane.html]
richard11
  • Contributor

  • 467 posts
  • Corona SDK

Normally you'd build a verification hash into your request. Define a seed of some sort into your code, that only you know, and concatenate that and the other parameters into a string to create an encryption hash from, then pass the resulting hash as another parameter.

On the server side, use the same seed concatenated with the other received values to reproduce the hash. If the result matches the hash that was submitted, you know the data wasn't tampered with.

[TOPIC: post.html]
#4

SGS

[GLOBAL: userInfoPane.html]
SGS
  • Corona Geek

  • 2,120 posts
  • Corona SDK

Yep, exactly the logic I use.




[topic_controls]
[/topic_controls]