Hello everyone!

It's been a (long) while since I've posted on these forums, I'm sure the crowd and faces have since changed! I used to be an avid A6/A7 hobby game developer. I eventually found myself lost in the software world where now I work in cloud development.

Part of me always has been itching to come back, though, so apart from this being the first of many (yay) I've been thinking about whether I can bring a particular thing to the community.

Would people find a service (library, package) where they can integrate an online "server list" into their game useful? Of course, a simple version can be done with MySQL and PHP, but developing a game is hard enough - you should not have to worry about database replication, failover, PHP security, learning SQL, etc. This service could integrate very easily, support custom data, geographic specific lists, fail-over, etc.

When I was active, I remember there was no rock solid, third party solution to aid in this. Would it be of value? Is a hosted solution - where hosting is taken care of - with "native" Lite-C integration - something people would use? Would people pay a subscription to integrate it? What about a service that delivered game content (assets) securely over the internet?

Let me know what you think! Perhaps my dive into the software would has done more than make me taste the gaming world again, but might have indeed helped!

Cheers,
Adoado

Why should a php script which adds a simple name and other values to a sqldatabase be insecure in any way? o.0
There is no plugin which will do this, and there doesnt need to be any kind of plugin for this since its not very hard at all to set up a little server and upload a php script^^
There are millions of tutorials on how to do this, if you can code a game you can also set up a server :|

What he is talking about is:

What if someone finds out about script and adds fake listings to the server list by simply visiting a url? Or finding out a way to a sql injection and bring down your server and/or get your user's passwords?

Also native Lite-C integration means he will also provide a lite-c library that can add to list when server goes up and remove them server goes down. All of that is taken care of for you.

And most of the time point of such "packages" is not whether you are able to it yourself or not. The point is, it's already done you do not need to put time and effort to it.

@ado
It would be a nice-to-have package although, considering the number of room/serverlist based games that may currently be under development, i think only a couple of people would be interested in this, if they haven't already implemented the feature. But availability of such package ready may make some people to start a project, or may be helpful in the future.
Also i would rather build that "script" with a more real-time oriented things like nodejs. It would be easier to implement features like live player count.

IDK how you want achive this...
A package containing all this can be also hacked, a SQL injection cant be done through a php file if you just know a little bit what you're doing. Furthermore, this package has to handle all this stuff on one server, I dont think someone will pay someone else's server
Download ANet, there is everything you need, you just have to c&p the php files on your server and change some settings.
Also your "live" playercount can also be done with SQL, mine has got just maximal 2 seconds delay and works very well. If a server crashes you can remove the server from the list with timestapm, which is also already done by the ANet author

You know, that's a cute statement if you know that code like this exist outside. Not SQLi enough? Try this.
Oh, and the first one that says POD is the new awesomeness and I should stop using deprecated features should go outside for a second and get a reality check

The point I'm trying to make is that PHP is a garbage piece of shit of a language. And no, I'm not talking about the fact that operators like ++ and -- are absolutely insane or that the truth table looks like someone simply emptied out a bucket of alphabet soup. The naming convention is horrible, by default PHP is absolutely insecure and pollutes the global namespace(!!!!!!!!!) with third party input without validation.
And the worst part is that the oh so awesome tutorials from the internet you are talking about are terrible, terrible and then some more terrible. The problem with PHP is that it gives web developers exactly what they want, without caring wether that's actually a good idea or not. I mean, most functions return false on error and don't log anything. Like... Hello? Could you all please stop smoking crack for just one second?


Yes. You know why? Because security is a process, not a state. The same way WordPress can be hacked, or anything really. Rolling your own software is not the solution to this, if anything, it's probably more decremental to your security. And I say that knowing very well about the state of security in most PHP libraries.

Your point is moot, your self written package can just as easily be hacked. Obscurity is, if anything, an additional layer of protection, but should never ever be the only one. And you advocate (at least implied) security through obscurity right there, and that should make you feel really bad.


Good god, the "not here invented syndrome" is strong with you. Have you ever though about a career at Microsoft?


Man, the whole *aaS industry will be pissed when they find out that no one pays for their services.

That is very, very nice and generous of you. Thanks for that.

However, and it breaks my heart to say this, I would not recommend you to do so.
While in the past, creating tools or code for the community was possibly the best way to make money with this engine, nowadays, there's not enough people left, especially not those who would pay for such a contribution.

Focus on something you really WANT to create, something that you'd enjoy creating and seeing finished, don't try to cater to the needs of what might very well be a dying community.

Lastly, I am aware that asking people to not contribute is not helping matters.

Check out SaaS, PaaS, IaaS, etc. It's a billion dollar industry. Managing a server is not trivial, especially if you want to do it securely, which can scale, etc.



I wouldn't suggest doing a counter using SQL; I'd expect once you get a few listings, you'll be unnecessarily causing row locks on your table. Writes are expensive. Use a cache like Memcached or Redis.

Wow.. ouch.

Anyone who says security is easy is probably not doing it correctly. It's insanely difficult to make sure things are done properly, across every process within a system!

Thanks for the honest feedback here.. this is sad indeed, I remember this used to be a huge, thriving community!

Amen. This, a hundred thousand times this.

Too bad it doesn't stop people from rolling their own crypto and "secure" protocols. The problem is that developers often forget that the real world isn't anything like their desks where everything works in a controlled manner.