Ambiera ForumDiscussions, Help and Support. |
|
|
|||||
|
Hello everyone, I'm working on a project which will become an e-learning platform. In a company, employees will use the game that I'm developing to improve themselves at their job, and some data will be saved for each session. The idea would be that each employee will only see its results, an administrator will see the results of all employees. Now employees have their user name to log into the company PCs, when they open the game that I have created, this user name (Windows or Mac target) is automatically inserted into the variable "name" and it will be the username of the player in the game. So there is no real login in the game. My question is: Would it be correct to export these information (date, time spent in game, correct and incorrect questions, etc...) in 2 txt files: one for each user and one for the admin which will save data for every player ? Is it possible to export a txt file to a path of another user in the same corporate network (administrator user) ? Or would there be a better way? Thank you in advance 
|
||||
|
You can acheive this by working with php , node.js and my sql which is used for server side scripting.... Using the current logged in user as username can be done ... I have mentioned that earlier in a post.... And you can show the result ... Time taken to answer the question... Show correct answer... And can also show the user the total time they spent while playing the game.. You don't need to create 2 .txt file... You can allow admin to read the values from same file.... Save all your variable to mysql database then use php to read those variable and node.js to interpretate them with the game... Or google more about server side game develipment.. |
||||
|
Nice, work. You've 2 choices while you're working with php, either to use database (safer_option), to use a text file(no so safe). If you are not interested in database and need files then you'll have to remember that it is vulnerable to RFI attack (Remote File Intrusion) in which the attacker will be able to get all the php source code and all the info about admin and the members. You've to use cryptography tricks in order to prevent then and sanitize POST and GET values in order to protect yourself from attack. Remember RFI attacks are very dangerous. Secondly, the method you are using to prevent game logins is also vulnerable to Cookie Hijacking. In which an attacker'll steal all the cookies from the user and replace them with his. Now, he'll be able to play the game of the victim. He now has controls of the victim. To prevent it, you need to hash the I.P. with the cookie, so that the same IP will not work in other PC(s). You can alternatively use SSL Certificates and make your http website into https format which is safer. It encrypts the data travelling from user to the websites so that no one'll be able to hack them. Thirdly, keep in mind of XSS attacks, anyone can inject a JS string to the game, when displayed in a HTML page, it will be executed. Lastly, your question, Yeah, it'll be good to do that but keep the folder name and file name crypted and Random. If you need the sample PHP code, then you can ask me in this thread. Best of Luck 
|
||||
|
|
){kind=link}