14 replies to this topic

[andos1977]

How can i send a highscore to a mysql db oon android game?

[ChefDavid22]

The better answer is that Game Maker itself CAN connect to a mySQL DB. You just need to look into how.

On an android device you are going to need to make sure the device is connected to the internet. I would suggest not using a devices internet without first allowing the player to confirm it is ok. This is by no means a requirement, just a suggestion.

Edited by ChefDavid22, 05 July 2012 - 05:16 PM.

[Manuel777]

I would suggest not using a devices internet without first allowing the player to confirm it is ok. This is by no means a requirement, just a suggestion.

The manifest already does that, when you install an app it shows wich permissions the app requires to run. Some developers clearify WHY is that permission required on the app's description page.

The easiest way to add custom highscores tables in GameMaker is trough PHP; GM makes an http request to the PHP file on your server, wich handles the MySQL database.. This can be done even with basic php knowledge, you just have to know how http reuquests work.

[andos1977]

i made o send file in php to send the highscore and the name to mysql using GET and i don´t know if the game maker studio has a command to do that. sometthing like that http://www.mysite.co...score&name=name

[Manuel777]

yeah, studio has http_get(url) and http_post_string(url, string). They are both asyncronius functions, so after GM recieves the data fromthe request, it triggers an async HTTP event;

Create event:

async_get = http_get('http://www.mysite.com/send.php?highscore=score&name=name');

HTTP async event:

evid = ds_map_find_value(async_load, "id");
switch (evid) {
    case async_get:
        result = ds_map_find_value(async_load, "result");
        show_message(result);
    break;
}

for more info on how theese work, reffer to the manual; It holds everything you need to know and more

Ps: Do notice theese functions are not async on windows, they are exclusively made for mobile platofrms.

[allex24]

I join the quastion. I tried this tutorial http://gmc.yoyogames...howtopic=525654 and it works for HTML5 but not for windows/android. It would be great if somebody show simple example how to get it work.

[filulilus]

The better answer is that Game Maker itself CAN connect to a mySQL DB. You just need to look into how.

This would require the app to include user and password to the mysql db which (I think) is a bad ide
Im not sure if .apk files can be decompiled but since .exe can be, I woulden't be suprised

[ChefDavid22]

This would require the app to include user and password to the mysql db which (I think) is a bad ide

I'm curious why people say this. I've seen it said before. Isnt the username and password masked within the app or can it be seen by the user?

[filulilus]

I'm curious why people say this. I've seen it said before. Isnt the username and password masked within the app or can it be seen by the user?

It's not easy to find it but I think it can be done, at least that's the case with exe files.
The safest way is to use a IP adress to connect to, that way you never release vital information

[scurvycapn]

This would require the app to include user and password to the mysql db which (I think) is a bad ide :tongue:

I'm curious why people say this. I've seen it said before. Isnt the username and password masked within the app or can it be seen by the user?

It depends on the level of effort by the developer. If you're using hard-coded strings in your application, they are most likely visible just by opening the executable in notepad.

For example, I often write tools in C# to make my job easier. Say I make a tool that I can use to connect to a specific database at any customer site. Say the username/password is the same for each instance of the database (don't look at me, it's the software vendor's bright idea). Say I provide myself a textbox to enter the name of the server. I can easily just concatenate hard coded data onto the server name. So maybe my code looks like:

string connString = "Data Source=" + ServerName.Text.Trim() + ";Initial Catalog=DatabaseName;User ID=user;Password=password;";

Now, if I open that exe up in notepad and look around, I could find the following at some point:
U s e r I D = u s e r ; P a s s w o r d = p a s s w o r d ;

Basically, the hardcoded strings are all visible with spaces between the letters. That is not good. A better solution would be to encrypt the sensitive data at design time. Then you'd just see a bunch of gobbledygook if you tried reading the executable. At runtime, you'd decrypt the string so that you could create the proper connection string. I don't do this for my personal tools as I already know the passwords and even if someone did get a hold of it, they aren't going to be able to do anything anyway without my RSA token and a valid state government VPN account.

Even when you do encrypt/decrypt as mentioned above, someone could always try reading the memory being used to find the decrypted value after it is decrypted. .Net actually has a SecureString class that automatically encrypts any data placed in it and wipes it from memory when it is no longer needed.

[Manuel777]

scurvy, thats no longer the case with GMS, if you have tried you will see everything is compressed on the exe

Currently, the only platform where you can actually see the strings with little effort is HTML5, everything is obufscated, but you can still find strin if you know how the js works..

Better to do not take risks for your servers, use PHP, thats the sort of things php was made for.

[ChefDavid22]

I never got around to learning php. I stopped database work just as the industry was moving from asp to c# so I sort of missed the whole php train everyone was jumping on.

One day I'll have to try a game where I connect using it just so I can say I know how.

[Manuel777]

u kiddin? php is the easiest thing on the world

$username="?";

$password="??";

$database="???";

$mysqli = mysqli_connect("localhost", $username, $password, $database);



$result = mysqli_query($mysqli, "SELECT name,score,id FROM table_scores" ) or die($mysqli->error);

$number = 0;

while ( $row = mysqli_fetch_assoc($result) and $number < 41) {

    echo $row['name'] .'/'. $row['score'] .'/';

    $number ++;

}

Edited by Manuel777, 06 July 2012 - 05:57 PM.

[filulilus]

Yeah, seriously, PHP remind me so much of GML, they are both so easy!
Also, there are (obviously) so much information about PHP on the web which makes it even easier to learn.

[ChefDavid22]

Yea it doesnt surprise me it would be easy to learn. I read many years ago that if you already know php or asp, the other is grasped fairly quickly.