GMS 2 Online Highscores

Appsurd

Member
First of all, a happy new year to you all! The GMS2 version is probably going to take a while, since I have been really busying doing stuff for myself.

Thank you for this guide, it's great that 3 years later you're still providing feedback and keeping this thread updated. I've spent the last half hour reading through all of the comments/feedback, what a great morning read. I can't wait to sit down and toy around with this leader board system!
You're welcome! Awesome, didn't expect anyone to read all of them :p

Nobody talks here about GDPR: General Data Protection Regulation. How can it be integrated with the online high score system?
"Holy open ended questions, Batman!"

1. Perhaps trim down the scope of your question to something manageable
2. Start a different topic instead of as part of a comment chain that has not much to do with gdpr
3. Be grateful that gms games no longer sends telemetry data to yoyogames, over which you would have had no control over what is sent or how it is managed
In general, you should apply one rule:
NEVER save people's email adresses, home locations, bank account, etc. until you consider it to be ABSOLUTELY NECESSARY.
If you apply this rule, you will be safe in general, because the GDPR is about personal data, and someone's highscore or username is not part of it. I would even argue that you apply this rule without having to stick to the GDPR, because you are keeping someone else's property which you also need to protect. Finally, just as @chamaeleon said, please open another topic if you would like to hear other people's opinion about GDPR compliance. My tutorial is at least perfectly safe to use (in my opinion).

EDIT: I added this answer to the FAQ in the tutorial
 
Last edited:

Appsurd

Member
Changes:

Minor update V1.1.8:
- Thanks to a user, added a clearification about using a VPN while creating your Altervista account
 

Appsurd

Member
Major update 1.2.3:

- Completely rewrote the tutorial for GMS2
- Renamed some variables for the sake of clarity
- Various minor changes to the sample project and tutorial text
- Added a new paid tutorial: Online Highscore Premium Edition, now available from $20 for just $10.
 

kloac

Member
Hi! how are you?

I 've done and read all the tutorial, but i'm having an issue that i can't resolve. On some Android devices (especially new ones, with the last android system), the highscore table stays charging with the message "Charging highscore table", like they're without internet (but they're with internet).They can't send score to the data base and of course they can't read the high score table either.
I don't know if it's a code problem from GMS, something from Altervista or Android.

I'm using GMS2 (the last version).

Hopefully you can help me with this!
Thanks You!!
 

FrostyCat

Member
On some Android devices (especially new ones, with the last android system), the highscore table stays charging with the message "Charging highscore table", like they're without internet (but they're with internet).They can't send score to the data base and of course they can't read the high score table either.
I don't know if it's a code problem from GMS, something from Altervista or Android.
Android Pie and above block plain HTTP traffic by default. Either you change your Altervista setup to HTTPS, or you add this to Option > Android > Permissions > Inject to Android Application Tag:
Code:
android:usesCleartextTraffic="true"
Do note that the latter approach will disqualify you from Google Play if the submitted information is personally identifiable. Using HTTPS instead of HTTP should always be prioritized, especially for projects done in a production-level capacity.
 

kloac

Member
@FrostyCat Thank You! I can do it :p

I'm having another issue.. how can i get a variable from the Altervista table, and then save it in a Ini file? For example an ID? :)

Thanks you!!
 

FrostyCat

Member
I'm having another issue.. how can i get a variable from the Altervista table, and then save it in a Ini file? For example an ID? :)
This tells me you have not genuinely read the tutorial, only blindly copied from it. Read it again, and actually think things over this time.

The tutorial has clear instructions on how to read values from the database on the PHP side, and how to request and parse them on the GML side. You are perfectly capable of saving yourself in this, you just chose not to. The only difference in your case is that you're trying to get an ID instead of a score (i.e. $row['ID'] instead of $row['score'] on the PHP side), and an additional write to an INI file (which isn't even related to this topic, go look up how to use INI files separately).
 

zicman

Member
Hi,

Thx so much for the tutorial but there are things i dont understand.
My php SQL skill is veerrry low but when you get a date, you use GET so, in the tutorial :

Why
if($secret_key == $_POST['secret_key'])
and not
if($secret_key == $_GET['secret_key'])


and after we have
$name = $_POST['name'];
$score = $_POST['score'];

and why not
$name = $_GET['name'];
$score = $_GET['score'];


Thx a lot
 

FrostyCat

Member
Hi,

Thx so much for the tutorial but there are things i dont understand.
My php SQL skill is veerrry low but when you get a date, you use GET so, in the tutorial :

Why
if($secret_key == $_POST['secret_key'])
and not
if($secret_key == $_GET['secret_key'])


and after we have
$name = $_POST['name'];
$score = $_POST['score'];

and why not
$name = $_GET['name'];
$score = $_GET['score'];


Thx a lot
Read up: Idempotence
Safe methods are HTTP methods that do not modify resources. For instance, using GET or HEAD on a resource URL, should NEVER change the resource.
Submitting a new score to be saved on a server changes the targeted resource, that means using GET is inappropriate. Reading a date from a server does not change the targeted resource, that means using GET is fine.
 

zicman

Member
I try to understand ... I maybe need to read it many times ;)

I only can say, if i write (with the good secret key of course) :
if($secret_key == $_POST['secret_key']) => the condition is wrong
When i change by _GET the condition is true (andwrong of course witha bad secret key)

But i dont try trought Gamemaker, i write the adress on chrome (with the good information instead of ***)
http://ftp.***.altervista.org/OnlineHighscores/addscore.php?name=toto&score=666&secret_key=1234
Maybe im wrong and i must work with Gamemaker ....
 
Last edited:

FrostyCat

Member
I try to understand ... I maybe need to read it many times ;)

I only can say, if i write (with the good secret key of course) :
if($secret_key == $_POST['secret_key']) => the condition is wrong
When i change by _GET the condition is true (andwrong of course witha bad secret key)

But i dont try trought Gamemaker, i write the adress on chrome (with the good information instead of ***)
http://ftp.***.altervista.org/OnlineHighscores/addscore.php?name=toto&score=666&secret_key=1234
Maybe im wrong and i must work with Gamemaker ....
When you type parameters into the URL like that, it is a GET request, and the parameters end up in $_GET. This is one of the first things you learn when handling requests in PHP.

This is also why if you are learning HTTP APIs, you need a request tester like Postman or cURL (gURL if you prefer a GUI). A browser's address bar is an inadequate substitute.
 

zicman

Member
Ok I "understand" why my result are not conform.
I thought it was a good idea to try with a browser, unfortunatly it's not the case.
thx
 
Top