Pkamara
|
  |
| Joined: 25 Apr 2013 |
| Total Posts: 95 |
|
|
| 13 Jul 2014 07:32 AM |
Roblox has lots of data in even the most basic of games (Even if it's just a baseplate). But with the HTTPService there's not much you can do with it but collecting and depositing data that is sometimes not even permanent. But if we could use SQL databases it would allow for the ability to connect to SQL databases you could store all your game data and edit it easier. This would also eliminate all exploiters. Because if you have a stored value for everything in game and if an exploiter edited one or created a new script (saying that your SQL database said that your game has a limited amount of scripts) it would be automatically removed and if you found a way the exploiter would be automatically added to the ban-list. Also this would give way to new methods of doing this. For example I am making a VB program that allows me to edit parts of my games without going in studio and also allowing me to publish messages on all servers without hassle. As well as that it would increase the functionality of the HTTP Service.
Thanks Pkamara |
|
|
| Report Abuse |
|
|
drager980
|
  |
| Joined: 25 May 2009 |
| Total Posts: 13385 |
|
| |
|
Argelius
|
  |
| Joined: 19 Jul 2010 |
| Total Posts: 4047 |
|
|
| 13 Jul 2014 12:47 PM |
| We can connect to SQL databases, I do it all the time |
|
|
| Report Abuse |
|
|
|
| 13 Jul 2014 12:49 PM |
FilteringEnabled will pretty much give you the same protection except it won't make your game run at 2 fps
|
|
|
| Report Abuse |
|
|
sncplay42
|
  |
| Joined: 27 Nov 2008 |
| Total Posts: 11891 |
|
|
| 13 Jul 2014 02:07 PM |
| Or you could do what every website in the world does and provide access to your SQL database via a HTTP-based API. |
|
|
| Report Abuse |
|
|
Seranok
|
  |
| Joined: 12 Dec 2009 |
| Total Posts: 11083 |
|
| |
|
| |
|
|
| 13 Jul 2014 03:46 PM |
HTTP-Based API may be unsecure as the one who creates it probaly wants to give full control to the client. That would mean full control to the database remotely, with no login credentials, which is not good. Of course it is safe if it will only run whitelisted code. |
|
|
| Report Abuse |
|
|
sncplay42
|
  |
| Joined: 27 Nov 2008 |
| Total Posts: 11891 |
|
|
| 13 Jul 2014 05:01 PM |
| I don't mean you just chuck "SELECT blah FROM blah" into an http request if that's what you're thinking... |
|
|
| Report Abuse |
|
|
Xeptix
|
  |
| Joined: 14 Mar 2013 |
| Total Posts: 1115 |
|
|
| 13 Jul 2014 05:24 PM |
You CAN make it secure...
Simply perform an HttpService:PostAsync k
local jsonEncode = assert(LoadLibrary("RbxUtility")).EncodeJSON game.HttpService:PostAsync("http://something.com/RobloxDatabase",jsonEncode({ Key = "SomeReallyLongSecurityKeyWithRandomNumbersAndCharactersThatTheWebsiteAPIUsesBeforeAccessingTheDatabase", SaveKey = "Swag", SaveValue = 1337 }), "TextPlain")
then your website can make sure the key matches a key you set on the server, then perform the action. (just an example but that is KINDA how I used to do it, but my method required 3 keys and only worked on certain PlaceIds, and didn't work on web browsers) |
|
|
| Report Abuse |
|
|
|
| 14 Jul 2014 01:59 AM |
@Xeptix You could just dump the traffic with Fiddler or Wireshark and you would get the keys. About the place ids, Lua injection, anyone? We definitely need an SQL API!
|
|
|
| Report Abuse |
|
|
magnalite
|
  |
| Joined: 18 Oct 2009 |
| Total Posts: 2467 |
|
|
| 14 Jul 2014 04:41 AM |
You cant sniff traffic from a remote server. This whole idea is pointless unless you know how to store only the details you need which isn't every single part in the game. Do that and you lag, hard. In fact the only reason you would use this is if you want persistent worlds. The nature of roblox is better off with data stored in runtime variables.
Source - I've use http and sql to create a persistent world with cross server synchronization. It isn't easy to do unless you know what you are doing. (Hint: From that first post you don't know what you're doing) |
|
|
| Report Abuse |
|
|
|
| 14 Jul 2014 09:17 AM |
| Wow, I don't even know what I was thinking about in my last post... |
|
|
| Report Abuse |
|
|