HTML5 HTML and PHP - integration to MySQL?

Traversal

Member
Hello, I developed some Android and Windows Desktop games so far.
I am thinking about to buy the Web Version as well, so I can Export as html.

I am not sure how easy or even possible it is to grab data from produced
html GMS Code to interact on my webserver with php (save Points etc.
in my MySql-DB).

Can someone provide some sample Code produced/exported for html5
or maybe explain if or how difficult it was for you to integrate it to your
own Database?

I want my user to Exchange game-Points with a Special API, that is why I am asking :)

Edit: how secure against manipulation would you rate the html version?
 

FrostyCat

Member
I am not sure how easy or even possible it is to grab data from produced
html GMS Code to interact on my webserver with php (save Points etc.
in my MySql-DB).

Can someone provide some sample Code produced/exported for html5
or maybe explain if or how difficult it was for you to integrate it to your
own Database?
It's reasonably doable if you read the instructions for HTTP functions carefully enough (especially the part about using the HTTP event), pay attention to encoding (e.g. URL-encoded parameters should use %20 instead of spaces), and work in standardized formats like JSON instead of wasting time parsing custom formats. Here are some examples for raw PHP that I wrote several years back. It's the same on native and HTML5 exports, except with HTML5 you have to respect CORS.

Edit: how secure against manipulation would you rate the html version?
You are asking the wrong question. If it comes from a client, it can be falsified and should always be suspected as such without further server-side evidence.

On the HTML5 export, if I wanted to falsify a request on HTTP, I would use the browser's developer's tools and monitor its network traffic tab. Then I would observe what goes upstream and downstream. Once I'm confident what the format is, I would then fake the response with Postman or cURL.

On any other desktop export, I would replace the browser's developer's tools with Wireshark. The last step is the same.

If you don't want players exchanging game points they don't have, your server should be the one checking that player's balance, and proxy the exchange request if he/she has enough. The only things the player should be able to provide is an authentication token and a requested amount for how much to exchange.
 
Top