Asset - Extension WebAPI

The-any-Key

Member
Web-API


This is a WebAPI written in PHP that allow you to create an online user database for your game (backend). Setup buttons will create the tables and fields in your mysql database on your web-server. The players can register, validate their email and login with this API. You can also save data to the database and load it cross platforms. Ex: the user save data in your game on an android device and then load the data on the PC version of your game. Users can also upload files. No extra DLL files. You control the API with gml code. Mostly http_post_string(). Here is a complete list of features:

Buy here (Available for GMS1.4 and 2):
YoYo Marketplace

Public features:
  • List online high-score (in game and web)
  • High-score count entities
  • Load user share data (user can share data with each other)
  • Get active users (check how may is "online" and playing your game right now)
  • Get total users count
  • Download files (http_get_file)
  • Get external IP
Login features:
  • Register with email validation
  • Login
  • Forgot password reset email
  • Delete user account
User features:
  • Save user data
  • Load user data
  • Save high-score
  • Load high-score (get points and rank)
  • Change password
  • Change username
  • Save share data (for the public)
  • Upload files
  • Upload files via web browser
  • Check if file exists on server (ex uploaded files exists)
  • Server curl upload (web-server to web-server upload)
You need:
  • Ordinary web-server space with a PHP version 5.6 or above.
  • PHP mysql 5.5 database or above on your web-server.







Is there a limit on how mush I can save?
In the demo you can save a string in slot (column) 1 and 2.
The limit is 4GB for each slot so you can save 8GB data. But if people go over this limit they can also use the upload feature that is limitless.​

Here is an example on how to save 10 different user data. But you can add as many keys to the map as you want.
Code:
user_data=ds_map_create();

// Player stats
user_data[? "hp"] = 100;
user_data[? "agility"] = 10;
user_data[? "name"] = "Knight";
user_data[? "save_x_pos"] = 4578;
user_data[? "save_y_pos"] = 2578;

// Player inventory
user_data[? "inventory_slot_1"] = "Sword;attack=10;effect=fire";
user_data[? "inventory_slot_2"] = "Shield;defence=2;effect=ice";
user_data[? "inventory_slot_3"] = "";
user_data[? "inventory_slot_4"] = "";
user_data[? "inventory_slot_5"] = "Boots;effect=speed+1";

var json_string=json_encode(user_data);

// scr_webapi_save(slot nr, save string, script to run when saved data);
scr_webapi_save(1,json_string,scr_webapi_Save_Done);

This saves the user data to the db on your web-server. You can load it by:​

Code:
scr_webapi_load(1,scr_webapi_Load_Done);

The above call send a request to the server and when you get a response scr_webapi_Load_Done is triggered. (Make a please wait screen while loading the data)​

in scr_webapi_Load_Done:
Code:
/// scr_webapi_Load_Done(success, data string, error, result_map);
var success=argument0;
var data_string=argument1;
var error=argument2;
var result_map=argument3;

if success
{
    // Got data from DB (Turn it to a ds map again, you should replace the old user_data with this map)
    user_data=json_decode(data_string);
    remove the please wait screen and go on with your game
}
else
{
    // Failed to get data from DB
    show the error to the user, he may be offline but just show the error variable to get what is wrong.
}
UPDATE:
To update to 1.0.5 just replace the PHP folder on your host. You can skip the Config.php and keep the one with the settings you already have.

 
Last edited:
M

Mann_mit_Hut

Guest
Interesting stuff, waited for something like that.
I have no clue about the php and mysql stuff, am i still able to set it up?
You say you can set up the table with your api, so I can store arbitrary data for every user (not only highscores)?
 

The-any-Key

Member
I have no clue about the php and mysql stuff, am i still able to set it up?
You don't need to know a thing about PHP or mysql. Only if you got it on your homepage web-server and what db name, username and password it got (You get them from your homepage setup page.) But just send me a message if you need help. The video show a step by step.

You say you can set up the table with your api, so I can store arbitrary data for every user (not only highscores)?
Yes.
Just click a button and it will create the tables in your database. Note that this is a fixed set.

You got 2 columns in the database for user data. Every user got his own. Best practice is to create a ds_map in GM and use json_encode and json_decode. But you can use your own system. As long its a string.
 
Last edited:
V

VinylFly

Guest
Hello The-any-key!

I've been tinkering around with your new asset--and thanks to your tutorial video about correctly setting up the database--I'm making strong progress on implementing and understanding it. Unfortunately, I think I've hit a wall and I can't seem to move forward.

I've been able to follow the tutorial successfully up until trying to register a new user. In other words, I've tested my email using the mail_test php through an internet browser and that was successful (however--in case this detail matters--when I check the validation email that I get after testing mail_test php, I am not brought to a message stating "successfully validated"; it's just a blank loaded page. But this may be due to it just being a test?) But aside from that little detail, all things indicate my email information in the config.php is correct.

I can also create a new table on my database and successfully create 4 separate high-score tables just like in the tutorial using your pre-made buttons. The problem comes when I try and register a user: I enter the password and username and email, and no matter what, I get this error message in Game Maker:

(my_website_here)/PHP/register.php?: Register Failed! RESULT:

But even with this error, I can look at my database and see the user has still been added! And I still get a validation email. But here again, after clicking on the validate account link, it loads a blank page. Other features of the asset work like 'Get IP' and 'Download', that kind of thing, so I feel I must have done something correctly...but also I've obviously messed something up too!

I'm new to php and databases, but I know I'm close to getting it to work! I'm hoping you have some general advice on what I should be looking at or perhaps double checking to try and track down my issue.

It's a great asset, though; lots of work obviously went into this and the whole thing is organized nicely with comments, and of course your video!

Thanks for your time, I'm determined to figure this out :)

edit: I'm using the GameMakerStudio 1.4 version, in case that's helpful.
 
Last edited by a moderator:

The-any-Key

Member
I am not brought to a message stating "successfully validated"; it's just a blank loaded page. But this may be due to it just being a test?)
You should see the validation text so something is wrong.

I enter the password and username and email, and no matter what, I get this error message in Game Maker:

(my_website_here)/PHP/register.php?: Register Failed! RESULT:
Hmm. Strange. What if you just enter a simple test as username and test as password? Do you use some special characters?

Can you PM me the activation link so I can check for errors.

So I can test it on my end.

What PHP version and SQL database do your host use?

Do you pay for the host or is it free?
 
Last edited:
V

VinylFly

Guest
Hello again!

I've tried simple usernames and passwords with no special characters, and it doesn't seem to work, unfortunately. I'm using PHP version 5.4.43 and mySQL version 5.6.32. Also, this is a paid host through Bluehost.

I must be doing something wrong when filling in the mail setting in the config.PHP file. I will keep testing! One other thing, I'm using an email provided by Bluehost, and not gmail. I actually tried gmail but I kept getting "could not connect to SMTP server". So I'm looking into if my firewall could be the issue. I'll let you know!
 
V

VinylFly

Guest
Hello again!

I've tried simple usernames and passwords with no special characters, and it doesn't seem to work, unfortunately. I'm using PHP version 5.4.43 and mySQL version 5.6.32. Also, this is a paid host through Bluehost.

I must be doing something wrong when filling in the mail setting in the config.PHP file. I will keep testing! One other thing, I'm using an email provided by Bluehost, and not gmail. I actually tried gmail but I kept getting "could not connect to SMTP server". So I'm looking into if my firewall could be the issue. I'll let you know!
ps I can't send links through here I guess, so could I send you the validation link another way? You email? My email is echohallstudios@gmail,com
 

The-any-Key

Member
You say you got PHP 5.4.43.
There are some functions I use that need 5.6 so I guess that is the problem. 5.6 got a new password validator that I use and is more secure.
Can you update to 5.6? There may be an update button in the control panel when you login to your host.
https://my.bluehost.com/cgi/help/447
 
Last edited:
V

VinylFly

Guest
I updated my PHP to 5.6, so I'll keep testing things out. I'm going to try different emails as well. Anyway, thanks for the help!
 

The-any-Key

Member
Ok. Report back if the issue remains. We will fix this. You can also try to enable PHP debug messages on your host to see what the error might be.
 
V

VinylFly

Guest
Ok. Report back if the issue remains. We will fix this. You can also try to enable PHP debug messages on your host to see what the error might be.
Awesome, thanks for being patient and working with me to implement this great asset! It's packed with features and potential, and I couldn't be more excited about creating a game around it. Well done and thanks!
 

The-any-Key

Member
Awesome, thanks for being patient and working with me to implement this great asset! It's packed with features and potential, and I couldn't be more excited about creating a game around it. Well done and thanks!
Thank you. Just uploaded the new version to the marketplace.
If you want you can leave a review.
Just send a message if you find bugs or want extra features.
 
P

Palumita

Guest
Have you ever tried, if this works within an HTML5 Game? I just tried it out, but it didnt work. The Testmail worked, but the Buttons in the Demo just doesnt do anything.
 

The-any-Key

Member
Have you ever tried, if this works within an HTML5 Game? I just tried it out, but it didnt work. The Testmail worked, but the Buttons in the Demo just doesnt do anything.
Tested and works. But the demo project use show_debug_messages which won't show up in the HTML5 export.

You can go to ex the scr_webapi_Login_Done script and change show_debug_message to show_message that creates a popup message in HTML5.
 

The-any-Key

Member
New feature: Global counters.
If a player try a level you can count up a value +1. When a player win a level you can count up another value +1. Then you can grab the try value ex say the level has been played 10000 times worldwide but only 1000 has finish it. This means your level have a success rate of 1000/10000=10% of the total players worldwide. You can then see how difficult the level was worldwide.

You can have unlimited amount of rows and 30 counters in each row for you to play around with.
 
H

hivemindresearchinc

Guest
Hitting this error while following the tutorial and trying to register a new user:

ERROR!!! :: ############################################################################################
FATAL ERROR in
action number 1
of Mouse Event for Left Pressed
for object obj_register:


DoAdd :: Execution Error
at gml_Script_scr_webapi_register (line 11) - register_handler = http_post_string(hostURL+"register.php?","name=" + argument0 + "&email=" + argument1 + "&password=" + base64_encode(argument2));
############################################################################################
--------------------------------------------------------------------------------------------
stack frame is
gml_Script_scr_webapi_register (line 11)
called from - gml_Object_obj_register_Mouse_4 (line 2) - scr_webapi_register(get_string_async("Username:",""),get_string_async("Email:",""),get_string_async("Password:",""),scr_webapi_Register_Done);
 

The-any-Key

Member
get_string_async
You can't replace get_string with get_string_async this way. get_string_async will return a id to catch in the dialog event. So you need to do this differently.
Tips is to use static values if you test things. Or make sure you run on Windows target where the get_string still works for debug purposes.
 

dawidM

Member
Hello,

Your asset seems promising. I have a few questions: Does it still relevant for 1.4 ? I’ve seen in description that it works, but it was in 2017, and I am thinking if you are still updating this asset? I have both GMS1.4 and GMS2, but I will jump to GMS2 when I finish my current project, so I would like to use WebAPI with GMS1.4 :)

Second thing: Is it possible to set some time-limited access to every new account? I would like to give only 14 free days for very account, and then , when somebody buys it I could change their license manually ( and also I will handle purchasing manually. I am only curious if switching off the account after 14 days can be done automatically with your asset.
 

The-any-Key

Member
Hi.

I have tested it in GMS 1.4.18.04 and it still works. If it for some reason stop to work I can upload a new version on itch.io (as the GMS1.4 marketplace upload is dead)
But for GMS2 I can still update the asset if any bugs are found.

When a user register and then login you get the following information back:
Code:
User login with ID: 5c76faac838d92.13103151 Save token: 5c76fb054ca538.51595262 Share token: 5c76faac8390f1.17487375
DB index:1
Share token:5c76faac8390f1.17487375
Name:Knight
Email:[email protected]
User Created:2019-02-27 21:01:32
User Updated/Active:undefined
Note that the created time is in database time. So try make sure it is in UTC. But it will only diff max a day so it is not that problematic.

To get the UTC time form the server you do:
scr_webapi_get_time(scr_webapi_Get_time_Done)
UTC Time: 2019:02:27:21:05:27

Or you could compare the last time they login and when the user created the account.
Ex the next time the user login you will get: User Updated/Active:2019-02-27 22:16:28
(Note that is is when they last logged in, not the login they did now)

You could make some date calculations to prevent users to go any further after they try to login.

To allow them to login you could save some data in "save002" column in the database ex "paid". You can then let the API get that data with:
Code:
scr_webapi_load(2,scr_webapi_Load_Done);
And if the data is there you can let him continue.
 
Last edited:

dawidM

Member
Thank you for your answers, I have only two additional questions :

1. In the video there is no password field, and a user can sign in without entering the password. On the other side, on the feature list there is password, and password reset function. I assume that the video was made before the update, am I right?

2.I don't use the built-in save engine offered by GMS, but I've created a solution (works well off-line), which creates ini files when saving, there are quite a lot of them, from 1 to 500 depending on what the user did in my application (desktop app). All of them are storage in sandbox in the folder with the name of my app. I guess, that if I am going to use WebApi I will have to rebuild my save system so that everything that needs to be upload to the server should be included in one ini file. Am I right?
 

The-any-Key

Member
1# I think you missed it. It is the first the user enter in the video. There is a password field in both the register and login.

2# Tips is to have a local save and backup the data to the database. You can add more columns to save data. But I would recommend bundle the data together to a handful of packages.

Or only use one ini and send the ini file as backup.

You can however backup and save all ini files to the server. Just add the users Id to each ini file to separate users. This would allow a minimal change to your save system.
 
D

Dublan

Guest
Hi!

I'm already having a webnode webpage that only allows me to upload files that can be downloaded via its own editor. I could hide it to avoid be downloaded, but I'm not sure if this solution will work.

I contacted with Webnode and they told me that FTP access is not allowed, only the option mentioned above.

Will this work?

Rgds
 

The-any-Key

Member
Hi!

I'm already having a webnode webpage that only allows me to upload files that can be downloaded via its own editor. I could hide it to avoid be downloaded, but I'm not sure if this solution will work.

I contacted with Webnode and they told me that FTP access is not allowed, only the option mentioned above.

Will this work?

Rgds
Hi.
The webapi do not use FTP only HTTP requests. So you don't need to have FTP access to upload files via the webapi.

But I did check out Webnode and I cant get any info if they support PHP 5.6 or above. Most of these free sites dont support custom PHP api like webapi.
 
D

Dublan

Guest
Hi.
The webapi do not use FTP only HTTP requests. So you don't need to have FTP access to upload files via the webapi.

But I did check out Webnode and I cant get any info if they support PHP 5.6 or above. Most of these free sites dont support custom PHP api like webapi.
Hi!

Which hosting do you recommend me? I'm trying to use 000webhost, but it works with ftp and I can't make it works.

Rgds
 

The-any-Key

Member
I use one.com

What error do you encounter? Should be an error message in the console in GM. You might need to change the permission for the upload folder in the PHP folder to 777.
 
G

Genuflex

Guest
Hello,
in GM it connects fine, but when I run it in HTML on localhost or on server, Google Chrome show in console this:

(Example from localhost)
Access to XMLHttpRequest at 'https:_www_login.php?' from origin 'http:_127.0.0.1:51264' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

So it cant connect

I have barely experience in this matter, do you have an idea?
 

The-any-Key

Member
Hello,
in GM it connects fine, but when I run it in HTML on localhost or on server, Google Chrome show in console this:

(Example from localhost)
Access to XMLHttpRequest at 'https:_www_login.php?' from origin 'http:_127.0.0.1:51264' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

So it cant connect

I have barely experience in this matter, do you have an idea?
Hi.
Sounds like CORS is not enabled in the browser.
Make sure you run the latest version of Google crome (>3). Or try another browser.

What online host have you uploaded the PHP folder too?
 
Last edited:
G

Genuflex

Guest
Hi.
Sounds like CORS is not enabled in the browser.
Make sure you run the latest version of Google crome (>3). Or try another browser.

What online host have you uploaded the PHP folder too?
I tried your Demo in several Browsers Chrome, Opera, Safari, Blackberry Browser. I think CORS is a feature that is enabled by default isn't it?

It could be a host problem, I should test another host and maybe search for others with same issue on this host. Great idea!
Host: Host Europe
 

The-any-Key

Member
CORS is often enabled on pay hosts. On free hosts it may not included as a default feature. The PHP backend is set to allow any origin. So it comes down to the browser and host.

I myself use http://one.me/svapicwm and it works fine.
 

dawidM

Member
Hello, your asset is great! I have one question, how can I get the variable (date and time) called : 'User Created' which is stored in MySql database. Is there any script for that?
 
G

Genuflex

Guest
CORS is often enabled on pay hosts. On free hosts it may not included as a default feature. The PHP backend is set to allow any origin. So it comes down to the browser and host.

I myself use http://one.me/svapicwm and it works fine.
I have paid hosting package

The strange thing is, in GM it works perfectly but in HTML5 module there is this CORS blocking error

But if this feature not enabled by default in most browsers, I can shut my game project down...

I'll try your hosting solution
 
Last edited by a moderator:

The-any-Key

Member
Hello, your asset is great! I have one question, how can I get the variable (date and time) called : 'User Created' which is stored in MySql database. Is there any script for that?
I think you get that when you login. Check the login script. Or do you need it in another situation?
 

dawidM

Member
Oh yes , you are right, thank you for a very quick response. I needed this to create automated system that blocks access to the program after 14 days of trial. Now i think that I know everything to create this system. Thank you again !

dawidM
 

The-any-Key

Member
I have paid hosting package

The strange thing is, in GM it works perfectly but in HTML5 module there is this CORS blocking error

But if this feature not enabled by default in most browsers, I can shut my game project down...

I'll try your hosting solution
If all fails send me a PM and provide me with some info about the host (link to the PHP folder on your host). So I can do some tests here against your host and see if it works from this end.
 
G

Genuflex

Guest
If all fails send me a PM and provide me with some info about the host (link to the PHP folder on your host). So I can do some tests here against your host and see if it works from this end.
I don't really understand why, but with your host it works well. Thank you :)
 
G

Genuflex

Guest
Glad it worked. Some hosts simply do not allow cross domain calls when using html5. They require you put the game on the host. This avoids the cross domain issue.
That means if I have the game on the same host as PHP scripts and set in scr_webapi_settings hostURL="localhost/PHP/" it would work?
 

The-any-Key

Member
That means if I have the game on the same host as PHP scripts and set in scr_webapi_settings hostURL="localhost/PHP/" it would work?
If you change the hostURL so it point to the PHP on your host instead (https://mysite.com/PHP/).
Else, yes. Hosting the game on the same server the PHP backend is, should fix the cross domain issue. But it might not work in all cases. In general you want a good host that support cross domain out of the box.
 
Last edited:

dawidM

Member
Guys, I encountered a serious problem and I hope that it can be resolved easily. The problem is about scr_webapi_load and loading data saved in json string on the server. When the json string was small, there were no problems at all. However, when it is a bit bigger, the program can't load it and the debug message shows: Load Failed! RESULT: undefined. I can still save the data and send it to the server, but somehow I cannot load it properly when the string is too long ( in fact it is not that long, it has only 13500 characters). I suspect, that there is some time limit set in WebApi, and when loading data takes more time than this limit it assumes that there is some problem with the server. If my line of thinking is correct, maybe there is a way to change this time limit?

Regards,
Dawid
 

The-any-Key

Member
You should be able to save and load up to 4GB of data. There is no time limit in the webAPI. But I think there is a time limit in Game maker for http requests. I will run some tests.
 

dawidM

Member
Thank you for your reply, I hope that we can resolve this problem soon :) When I save the string to txt file, it is 14 KB so it is not even close to 4 GB.
 

The-any-Key

Member
I was able to load 1.4 MB with the save/load functions. But anything over that created an empty response when loading, save worked however.
After I restarted Game maker I could load around 1.8 MB. But then it was back to 1.4 MB again. No PHP errors or Apache errors. My guess is that it is Game maker that has some kind of limit here or can't handle a big response.

Tips is to use the upload and download feature instead. As these seem to work fine with big files. You can use the user login ID number for identification for each file.

You could also try split up the data and upload it in separate save columns. You can save all parts at the same time doing:
Code:
scr_webapi_save(1,part_1,scr_webapi_Save_Done,scr_webapi_Save_Process);
scr_webapi_save(2,part_2,scr_webapi_Save_Done,scr_webapi_Save_Process);
Same for the load part:
Code:
scr_webapi_load(1,scr_webapi_Load_Done);
scr_webapi_load(2,scr_webapi_Load_Done);
You just need to put it together when all is done.

To get more than one save column you follow this tutorial:
 

dawidM

Member
Thank you for your quick reply and support. The solution:
You could also try split up the data and upload it in separate save columns.
is not good for my situation because I already use 5 save slots, and splitting each into a few smaller parts would bring a huge mess. I would like to avoid rebuilding the save system because I am going to start selling my product this month and I hope that I can do something to make the system I already have works. The good news is that I don't need to load such big files like 1.5 MB or more, I would be happy if I can load files up to 200 KB. You mentioned that when you tested it worked for you for files smaller than 1.4 MB - I would be very happy if I were able to achieve that. Could you tell me please what I can do to have the same situation as you? At this point, I have a problem with loading even 20 KB files.

Kind regards,
Dawid
 
Last edited:

The-any-Key

Member
Thank you for your quick reply and support. The solution: is not good for my situation because I already use 5 save slots, and splitting each into a few smaller parts would bring a huge mess. I would like to avoid rebuilding the save system because I am going to start selling my product this month and I hope that I can do something to make the system I already have works. The good news is that I don't need to load such big files like 1.5 MB or more, I would be happy if I can load files up to 200 KB. You mentioned that when you tested it worked for you for files smaller than 1.4 MB - I would be very happy if I were able to achieve that. Could you tell me please what I can do to have the same situation as you? At this point, I have a problem with loading even 20 KB files.

Kind regards,
Dawid
It comes down to the host you use. Who is your current provider?
 
Last edited:

dawidM

Member
My current provider is : https://hostinghouse.pl/

Maybe I can change something in my settings in server panel? What should I look for in the settings?

What about upload and download system? Is it as safe as Json string in MySQL database? These save files will contain vulnerable data, so I need to be sure that it is safe.
 

The-any-Key

Member
There seem to be a standard limit on Apache for POST. You can increase it with a .htaccess file or check with the provider to increase the limit.
One idea is to test increase the limit with a .htaccess file. More info here: https://stackoverflow.com/questions/6135427/increasing-the-maximum-post-size

The upload and download system is not as secure as the database. As the files need to have public access. Sure you can encrypt the files before you upload them. And make strange filenames that are hard to guess.

Another way would be to compress the data before you send it: https://marketplace.yoyogames.com/assets/4742/string-compress
 
Top