DON'T USE THIS CODE AS IS! IF EVERYONE USES THE SAME CODE

RizbIT

Member
After compiling iOS app from GMS PC to Mac's Xcode I see these warnings in XCode

Code:
#ifndef YES_I_HAVE_READ_THE_WARNING_AND_I_ACCEPT_THE_RISK

#warning --- DON'T USE THIS CODE AS IS! IF EVERYONE USES THE SAME CODE
#warning --- IT IS PRETTY EASY TO BUILD AN AUTOMATIC CRACKING TOOL
#warning --- FOR APPS USING THIS CODE!
#warning --- BY USING THIS CODE YOU ACCEPT TAKING THE RESPONSIBILITY FOR
#warning --- ANY DAMAGE!
#warning ---
#warning --- YOU HAVE BEEN WARNED!

// if you want to take that risk, add "-DYES_I_HAVE_READ_THE_WARNING_AND_I_ACCEPT_THE_RISK" in the build settings at "Other C Flags"

#endif // YES_I_HAVE_READ_THE_WARNING_AND_I_ACCEPT_THE_RISK

#define VRCFRelease(object) if(object) CFRelease(object)
I dont get where this is from, onky iOS extension ive added is the Apple IAP one. So is this from that?

Also can i ignore these warnings.

Im new to Xcode and tbh want little to do with it as possible :)
 

Cpaz

Member
After compiling iOS app from GMS PC to Mac's Xcode I see these warnings in XCode

Code:
#ifndef YES_I_HAVE_READ_THE_WARNING_AND_I_ACCEPT_THE_RISK

#warning --- DON'T USE THIS CODE AS IS! IF EVERYONE USES THE SAME CODE
#warning --- IT IS PRETTY EASY TO BUILD AN AUTOMATIC CRACKING TOOL
#warning --- FOR APPS USING THIS CODE!
#warning --- BY USING THIS CODE YOU ACCEPT TAKING THE RESPONSIBILITY FOR
#warning --- ANY DAMAGE!
#warning ---
#warning --- YOU HAVE BEEN WARNED!

// if you want to take that risk, add "-DYES_I_HAVE_READ_THE_WARNING_AND_I_ACCEPT_THE_RISK" in the build settings at "Other C Flags"

#endif // YES_I_HAVE_READ_THE_WARNING_AND_I_ACCEPT_THE_RISK

#define VRCFRelease(object) if(object) CFRelease(object)
I dont get where this is from, onky iOS extension ive added is the Apple IAP one. So is this from that?

Also can i ignore these warnings.

Im new to Xcode and tbh want little to do with it as possible :)
My guess is that it's the IAP extension providing that warning.

I don't use its ios, so I don't know details, but I'm guessing it wants you to maybe modify it or risk easier piracy???

Again, I'm not sure.
 

TsukaYuriko

☄️
Forum Staff
Moderator
Sounds like the type of warning you'd get when you set up a new router and try to use it without changing the password from the default that's the same across all devices of its series.

If you want to verify that it's coming from your suspected source, make an empty project, import it, do whatever it takes to set it up and run it.
 

FrostyCat

Member
I imported that extension into a blank project, and there is one copy of that warning for iOS and another for tvOS. For posterity, here is the copy on the iOS side:
Code:
#ifndef YES_I_HAVE_READ_THE_WARNING_AND_I_ACCEPT_THE_RISK

#warning --- DON'T USE THIS CODE AS IS! IF EVERYONE USES THE SAME CODE
#warning --- IT IS PRETTY EASY TO BUILD AN AUTOMATIC CRACKING TOOL
#warning --- FOR APPS USING THIS CODE!
#warning --- BY USING THIS CODE YOU ACCEPT TAKING THE RESPONSIBILITY FOR
#warning --- ANY DAMAGE!
#warning ---
#warning --- YOU HAVE BEEN WARNED!

// if you want to take that risk, add "-DYES_I_HAVE_READ_THE_WARNING_AND_I_ACCEPT_THE_RISK" in the build settings at "Other C Flags"

#endif // YES_I_HAVE_READ_THE_WARNING_AND_I_ACCEPT_THE_RISK

#define VRCFRelease(object) if(object) CFRelease(object)

NSString *kReceiptBundleIdentifier               = @"BundleIdentifier";
NSString *kReceiptBundleIdentifierData           = @"BundleIdentifierData";
NSString *kReceiptVersion                       = @"Version";
NSString *kReceiptOpaqueValue                   = @"OpaqueValue";
NSString *kReceiptHash                           = @"Hash";
NSString *kReceiptInApp                           = @"InApp";
NSString *kReceiptOriginalVersion               = @"OrigVer";
NSString *kReceiptExpirationDate                = @"ExpDate";

NSString *kReceiptInAppQuantity                   = @"Quantity";
NSString *kReceiptInAppProductIdentifier       = @"ProductIdentifier";
NSString *kReceiptInAppTransactionIdentifier   = @"TransactionIdentifier";
NSString *kReceiptInAppPurchaseDate               = @"PurchaseDate";
NSString *kReceiptInAppOriginalTransactionIdentifier   = @"OriginalTransactionIdentifier";
NSString *kReceiptInAppOriginalPurchaseDate       = @"OriginalPurchaseDate";
NSString *kReceiptInAppSubscriptionExpirationDate = @"SubExpDate";
NSString *kReceiptInAppCancellationDate         = @"CancelDate";
NSString *kReceiptInAppWebOrderLineItemID       = @"WebItemId";
The warning seems to imply that some of these stock values are meant to be changed, but there are no instructions here or on the Helpdesk article for what to change in this file.

This is incredibly bad support on YoYo's end. No wonder it is poorly received on the Marketplace, as are most of YoYo's other IAP and API integrations. You might want to open a helpdesk ticket for this one, but no guarantees.
 

RizbIT

Member
Thanks for doing that. So it is the Apple IAP. So its not a good idea to publish a game on App Store using this extension then
 

Nocturne

Friendly Tyrant
Forum Staff
Admin
This is (I'm afraid) my fault as I was tasked with documenting the warning, only with all that I had going on it appears that I never quite got around to the task. So, sorry.

Basically, the code is fine to use for testing and MAY be okay to use in production. However, it is based on an open source library and so is fairly well known, meaning that it could potentially leave your app open to exploits. Your options are as follows:

  • Leave this code in place and use local validation "as-is", having assessed and understood the risks.
  • Alter the code in question (VerifyStoreReceipt.h/mm) to create your own custom solution for validating receipts, in which case you should study the following documentation:

    https://developer.apple.com/library...y.html#//apple_ref/doc/uid/TP40010573-CH1-SW2

    In doing so, you should create your own solution for parsing and validating the iOS IAP receipt.

  • Run a server that validates IAP receipts. This is Apple's preferred and suggested method, as it removes the ability for tampered-with iOS devices to spoof your validation code (since it is not executed on said compromised device).

The documentation for the Apple IAP extension will be updated to clarify this as soon as possible.
 

RizbIT

Member
MAY be okay to use in production
Has anyone published a game on Apple with IAP using this official extension?

Can someone make a simple example for Apple IAP, with two buy buttons showing how it should flow?
 
Last edited:

RizbIT

Member
iOS IAP are a joke to get to work, what are we paying for:

Ive followed yoyogames instructions
I got it all to work except the buy product

I then added buy product code to the buy button and added the async event code to handle purchase

but now eveyr time in xcode i press play and get this error
Code:
ioaiaptest`Room_First:
    0x104915028 <+0>:  adrp   x8, 1861
    0x10491502c <+4>:  ldr    x8, [x8, #0xdf0]
->  0x104915030 <+8>:  ldr    w0, [x8]
    0x104915034 <+12>: ret  Thread 1: EXC_BAD_ACCESS (code=1, address=0x0)
And the app on the device just hangs on the loader splash


EDIT SOLVED-ISH:
I found that if i added a new object to the room then I would get the above error. But if I added a new object to the room, and then deleted the iOS folder on the mac (in the gms2 shared folder) then it works as normal. Something to do with GMS2 not rewriting the files propelry on the mac when you press make executable button..
 
Last edited:
Top