Comments on: Simple Score Submission Security

By: Unlimited Master Reseller

Unlimited Master Reseller — Thu, 05 May 2011 09:29:17 +0000

I loved everything. Please keep posting tips regarding different scripts.

By: doogog

doogog — Thu, 09 Dec 2010 03:24:04 +0000

Yes, if they decode your file, this method will be revealed.

By: vv0lll

vv0lll — Mon, 06 Dec 2010 06:29:21 +0000

But, what’s up if the hacker decompiles our Flash and they know how we encoded our data ?

By: John

John — Fri, 20 Nov 2009 11:29:42 +0000

A bit late but it is actually the hash_hmac function that you would want to use e.g.

hash_hmac(‘md5′, $playerData, $key);

By: Kriss Daniels

Kriss Daniels — Wed, 30 Jan 2008 16:35:07 +0000

Sorry but this doesn’t work, the general flash score hacker does it by tweaking internal flash variable numbers (ie their score) using simple memhack (think action replay) cheat software.

So they probably wouldn’t even notice this…

I use replays. Sounds complicated but isn’t that bad if you only check suspicious scores and do so on the client.

By: andrew

andrew — Thu, 17 Jan 2008 20:19:02 +0000

useful idea! however, just fyi – mhash is deprecated in the newest versions of PHP, there’s a new built-in hash library

you’d actually want to use: hash(“md5″, $playerData, $key)

- andrew