如何将HTML5 Javascript游戏与PHP后端集成（需要高安全性） [英] How to Integrate HTML5 Javascript Game with PHP backend (High Security Required)

问题描述

Hello Friends :)我知道我已经离开了一段时间。无论如何，我有点困在一个问题，我需要人类的帮助，因为搜索引擎似乎无法回答我的问题，或者说我错了。



所以，我的问题是：

我使用Javascript和Canvas进行了这个游戏。所有游戏逻辑都在Javascript中，并且运行良好。但是我被要求制作一个用户可以下注并赢钱的游戏。

所以，首先要安全处理事情，以免黑客无法篡改游戏逻辑（使用内置调试器）使用不公平的手段赢得游戏。

其次，我正在寻找一种方法，使用PHP在Server-End中实现这些逻辑，以便我获得更好的安全性。

有没有办法可以达到所需的安全级别。任何一点帮助也会非常有帮助。请分享你的想法:) :) :)



谢谢&问候

Tushar Srivastava #TS

Hello Friends :) I know I have been off for a while. Anyways, I am kind of stuck in a problem and I need help from humans 'cause search engine seems to fail to answer my query or maybe I am forging it wrong.

So, my question is:
I have got this game using Javascript and Canvas. All the game logic is in Javascript and its working nicely. But I have been demanded to make a game with which user can bet and win money.
So, first thing is to handle things securely so that no hacker can tamper with game logic (using built in debuggers) and win the game using unfair means.
Secondly, I am looking for a way with which these logics can be implemented in the Server-End using PHP so that I get a better security.
Is there a way with which I can achieve the required level of security. Any little help will also be very helpful. Kindly Share your ideas :) :) :)

Thanks & Regards
Tushar Srivastava #TS

推荐答案

无法阻止用户查看/调试您的JS代码。



您可以对代码进行模糊处理和最小化，使其难以阅读但更难以实现。



唯一的方法确保这种游戏的安全性是为了确保所有关于奖励的决定都是在服务器端完成的。



建议如何在不了解游戏逻辑的情况下做到这一点很难。



但是要提供一个例子。想想老虎机游戏。你拉动虚拟离开器，轮子开始旋转然后停止。他们登陆的插槽的概率必须由服务器控制。奖励金额必须由服务器控制。客户端应该成为一个简单的输入/输出接口，其中所有逻辑都在服务器上运行。这可能会使某些类型的游戏难以生成，同时保持安全性。



客户端应该只能将单个操作传递给服务器。服务器必须根据游戏实例的当前状态将操作验证为有效。然后将结果返回给客户。



客户在任何时候都不应负责做出有关奖项的任何类型的决定。

There is no way to stop the user from viewing/debugging your JS code.

You can obfuscate and minimise your code to make it harder to read but harder is not impossible.

The only way to ensure the security of such a game is to make sure all the decisions about awards are done server side.

Suggesting how to do this without understanding the logic of the game is difficult.

But to provide an example. Think about a slot machine game. You pull the virtual leaver, the wheels start spinning and then they stop. The probability of which slots they land on must be server controlled. The amount to award as a prize must be server controlled. The client should become a simple input/output interface with all the logic running on a server. This can make some types of games difficult to produce whilst maintaining security.

The client should only be able to pass a single action to the server. The server must validate the action as valid based on the current state of the game instance. The result is then returned to the client.

At no point should the client be responsible for making any type of decision about prize awards.

这篇关于如何将HTML5 Javascript游戏与PHP后端集成（需要高安全性）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！