{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 兄弟一词,经得起流年. 的问题《Prevent AJAX cheating on a web game [duplicate]》','https://www.manongdao.com/q-881384.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
This question already has an answer here:
Context
I have a web game in JavaScript.
I send scores and achievements with AJAX during the game.
So anyone can view the source code, copy this request and cheat on my game.
Questions
- Any idea of how prevent this?
- With a token from server (I never used this system)?
Code
$.post('ajax/score.php', {pseudo: $pseudo, score: $score, achiev: $achiev},
function(data) {
$('#loader').show().delay(3000).fadeOut(1000);
}
);
php:
if (isset($_POST['pseudo']) &&
isset($_POST['score']) &&
isset($_POST['achiev'])) {
...
}
As the game is client side, there is no way to ensure that they do not "cheat". There are ways to make it more difficult.
As long as the game is client side, it cannot be "secured".