Forum Multiplayer 45-User Limit Problem :/

Discussion and help relating to the PlayerIO Multiplayer API.

45-User Limit Problem :/

Postby default0 » March 29th, 2010, 3:58 pm

Hi guys,

I have a problem with the 45-User Limit in the API.
My game is currently set up to have one room where anyone is in.
So, there cannot be more than 45 users online at once, which sucks.
Also, there doesn't seem to be a way to disconnect users and then reconnect them to another room without them being able to change to which room they wanna go (if they are hackers).
Also, on the server, since each room is separated, theres no way to do a backcheck whether the user actually was able/allowed to join the room.
To put it clear: It is possible for me to change my game so, that each map reflects one room, but it isn't possible to me to prevent hackers from randomly jumping around these maps as they like, because I cannot backcheck if they were allowed or able to switch the room...
Any way around this?

Best regards
User avatar
default0
 
Posts: 115
Joined: February 2nd, 2010, 6:46 pm
Location: Germany

Re: 45-User Limit Problem :/

Postby Oliver » March 30th, 2010, 12:01 pm

You can use the AllowPlayerJoin method to grant or deny access to rooms:

http://playerio.com/documentation/refer ... owUserJoin

Just use the JoinData to send in enough data to validate that the player is allowed to join.
User avatar
Oliver
.IO
 
Posts: 1159
Joined: January 12th, 2010, 8:29 am

Re: 45-User Limit Problem :/

Postby default0 » March 30th, 2010, 12:38 pm

Well, this still doesn't allow me to check whether he simply modified the JoinData.
Okay, to give you an example:
We have Players A and B, Maps A, B and C and Jumpgates A and B
The Players are on Map A
The Jumpgates, too.
Jumpgate A is in the upper left corner and leads to Map B
Jumpgate B in the lower right corner and leads to Map C
Player B chases Player A
Now Player A jumps through the gate A and has in WPEPro a filter created that makes every jump lead to Map C
So, he will jump to Map C now, even though he has jumped through gate A!
Player B will now be totally confused why Player A, who jumped through gate A isn't on Map B...
Since each Map is a different room, I cannot ask the room he was in before through which gate he actually jumped to backcheck if he may enter the new room/map.
The JoinData passed maybe could contain a value saying "he jumped through gate A!", but this would also need to be generated ServerSide (to be trusted) and sent in a message which could also be modified, meaning that he cheated without the system being able to notice...

Best regards
User avatar
default0
 
Posts: 115
Joined: February 2nd, 2010, 6:46 pm
Location: Germany

Re: 45-User Limit Problem :/

Postby Oliver » March 30th, 2010, 1:14 pm

The JoinData passed maybe could contain a value saying "he jumped through gate A!", but this would also need to be generated ServerSide (to be trusted) and sent in a message which could also be modified, meaning that he cheated without the system being able to notice...


You're describing the solution yourself here. Simply generate some sort of key serverside in one room, and send it in via joindata to the the other room and verify it serverside with the allowuserjoin method. You can use the system.cryptography classes for this; the simplest way is using a HMAC hash, secret key and possibly a timestamp.

Also, my personal opinion is that you should worry about making a great, popular game that everybody wants to play as your #1 priority. Then, if people start playing it, or if people start cheating, you should worry about cheating.

- Oliver
User avatar
Oliver
.IO
 
Posts: 1159
Joined: January 12th, 2010, 8:29 am

Re: 45-User Limit Problem :/

Postby default0 » March 30th, 2010, 1:20 pm

Oliver wrote:You're describing the solution yourself here. Simply generate some sort of key serverside in one room, and send it in via joindata to the the other room and verify it serverside with the allowuserjoin method.

- Oliver


And who tells me that the key I generated to validate it won't get hacked, either?
I myself could still hack this, so Im not satisfied with this.
Lets say each map has another key to enter it.
Then a player could simply research which key would be sent once he enters the map and then change this one, too.
Not 100% secure after all...

Oliver wrote:Also, my personal opinion is that you should worry about making a great, popular game that everybody wants to play as your #1 priority. Then, if people start playing it, or if people start cheating, you should worry about cheating.


In that point you're actually right, but when it comes down to security I always assume that the cheaters mess up everything they can to research how the game works, so I try to keep everything secure...

Best regards
User avatar
default0
 
Posts: 115
Joined: February 2nd, 2010, 6:46 pm
Location: Germany

Re: 45-User Limit Problem :/

Postby Oliver » March 30th, 2010, 1:25 pm

And who tells me that the key I generated to validate it won't get hacked, either?
I myself could still hack this, so Im not satisfied with this.
Lets say each map has another key to enter it.
Then a player could simply research which key would be sent once he enters the map and then change this one, too.
Not 100% secure after all...


Make it such that a key is only valid for a short period of time (5seconds) and make them bound to each player.

There, problem solved :-)
User avatar
Oliver
.IO
 
Posts: 1159
Joined: January 12th, 2010, 8:29 am


Return to Multiplayer



cron