I’ve just started programming a online highscore for the first time, and it’s for my WP7 game. I’ve seen some similar threads, but the lack of specific c# examples to the WP7 keeps me staggering 🙁
Right now I’m using get to my PHP/Mysql server, pretty straight forward:
http://host.com/highscore/add.php?username=foo&score=12345&gamegamefoo
But if any hackers got the hold of my url, and I think thats a fairly easy job, you could enter anything.
Realizing that I can’t make a 100% secure highscorelist, I would like to do the 2nd or even 3rd best thing. I want to make it a bit more difficult then what I’m already doing.
Do anyone have anything specifics on what I could do?
You’ll want to look into
basic authentication. In it’s simplest form, you just need to create a user on your server with a password which your client will use to authenticate with. The server will check to make sure that that the credentials sent by the client match before doing anything else.Preferably your server would be using
httpsso that the username and password sent by your client isn’t sent in clear text.