Comments on: Simple Score Submission Security

By: John

John — Fri, 20 Nov 2009 11:29:42 +0000

A bit late but it is actually the hash_hmac function that you would want to use e.g.

hash_hmac(‘md5′, $playerData, $key);

By: Kriss Daniels

Kriss Daniels — Wed, 30 Jan 2008 16:35:07 +0000

Sorry but this doesn’t work, the general flash score hacker does it by tweaking internal flash variable numbers (ie their score) using simple memhack (think action replay) cheat software.

So they probably wouldn’t even notice this…

I use replays. Sounds complicated but isn’t that bad if you only check suspicious scores and do so on the client.

By: andrew

andrew — Thu, 17 Jan 2008 20:19:02 +0000

useful idea! however, just fyi – mhash is deprecated in the newest versions of PHP, there’s a new built-in hash library

you’d actually want to use: hash(“md5″, $playerData, $key)

- andrew